CVE-2025-13029 – Knowband Mobile App Builder for wooCommerce < 3.0.0 – Unauthenticated Arbitrary User Deletion

CVE ID : CVE-2025-13029

Published : Dec. 31, 2025, 6 a.m. | 24 minutes ago

Description : The Knowband Mobile App Builder WordPress plugin before 3.0.0 does not have authorisation when deleting users via its REST API, allowing unauthenticated attackers to delete arbitrary users.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…