{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-29T04:53:48.646","vulnerabilities":[{"cve":{"id":"CVE-2025-49970","sourceIdentifier":"audit@patchstack.com","published":"2025-06-20T15:15:22.113","lastModified":"2026-04-23T15:31:53.630","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Missing Authorization vulnerability in sparklewpthemes Hello FSE Blog hello-fse-blog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hello FSE Blog: from n/a through <= 1.0.6."},{"lang":"es","value":"La vulnerabilidad de falta de autorización en sparklewpthemes Hello FSE Blog permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta al blog Hello FSE desde la versión n/d hasta la 1.0.6."}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://patchstack.com/database/Wordpress/Theme/hello-fse-blog/vulnerability/wordpress-hello-fse-blog-theme-1-0-6-broken-access-control-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}}]}