{"id":86515,"date":"2026-02-21T00:21:11","date_gmt":"2026-02-21T00:21:11","guid":{"rendered":""},"modified":"-0001-11-30T00:00:00","modified_gmt":"-0001-11-30T06:00:00","slug":"cve-2025-52802-missing-authorization-vulnerability-in-import-youtube-videos-as-wp-posts-plugin","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-52802-missing-authorization-vulnerability-in-import-youtube-videos-as-wp-posts-plugin\/","title":{"rendered":"CVE-2025-52802: Missing Authorization Vulnerability in Import YouTube Videos as WP Posts Plugin<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

The CVE-2025-52802 vulnerability pertains to a missing authorization issue in the ‘Import YouTube videos as WP Posts’ WordPress plugin. This vulnerability poses a significant risk to any website utilizing versions of the plugin up to and including 2.1, as it allows unauthorized access due to improperly configured access control security levels. The flaw’s exploitation can potentially result in system compromise and data leakage.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-52802
\nSeverity: High (CVSS: 7.5)
\nAttack Vector: Network
\nPrivileges Required: None
\nUser Interaction: None
\nImpact: Potential system compromise and data leakage<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n Share secrets securely\r\n <\/h2>\r\n\r\n

\r\n Ameeba is private infrastructure for communication and sensitive work built on encrypted identity instead of exposed corporate identity systems.\r\n <\/p>\r\n\r\n

\r\n Passwords, credentials, confidential files, screenshots, internal discussions, sensitive AI context, and private coordination should not become exposed across ordinary communication platforms.\r\n <\/p>\r\n\r\n