Brave Conversion Engine (Pro)
Approved changes feed: RSS · Atom
cpe:2.3:a:brave:brave_conversion_engine_(pro):*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Brave (b3516991-2714-56a1-be63-9c87fa6b4495) |
|---|---|
| Product | Brave Conversion Engine (Pro) (38f207f9-0a17-5bbe-a346-f2186b83df88) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-7710 |
vulnerable | 2026-06-08 07:45:18.019763 |
Brave Conversion Engine (PRO) <= 0.7.7 - Authentication Bypass to Administrator
CRITICAL (9.8)
The Brave Conversion Engine (PRO) plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 0.7.7. This is due to the plugin not properly restricting a claimed identity while authenticating with Facebook. This makes it possible for unauthenticated attackers to log in as other users, including administrators.
Published: 2025-08-02T11:23:55.098Z
Updated: 2026-04-08T16:56:35.243Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.