{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T01:11:36.597","vulnerabilities":[{"cve":{"id":"CVE-2025-31539","sourceIdentifier":"audit@patchstack.com","published":"2025-03-31T13:15:47.880","lastModified":"2026-04-23T15:27:55.640","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Missing Authorization vulnerability in Blocksera Cryptocurrency Widgets Pack cryptocurrency-widgets-pack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cryptocurrency Widgets Pack: from n/a through <= 2.0.1."},{"lang":"es","value":"La vulnerabilidad de falta de autorización en Blocksera Cryptocurrency Widgets Pack permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta al paquete de widgets de criptomonedas desde la versión n/d hasta la 2.0.1."}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://patchstack.com/database/Wordpress/Plugin/cryptocurrency-widgets-pack/vulnerability/wordpress-cryptocurrency-widgets-pack-plugin-2-0-1-broken-access-control-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}}]}