Reuters Direct — Vulnerabilities & Security Advisories 3

All 3 CVE vulnerabilities found in Reuters Direct, with AI-generated Chinese analysis, references, and POCs.

Vendor: rnags

CVE ID	Title	CVSS	Severity	Published
CVE-2025-49349	WordPress Reuters Direct plugin <= 3.0.0 - Broken Access Control vulnerability CWE-862	5.3	Medium	2025-12-31
CVE-2025-12579	Reuters Direct <= 3.0.0 - Missing Authorization to Unauthenticated Settings Reset CWE-862	5.3	Medium	2025-11-27
CVE-2025-12578	Reuters Direct <= 3.0.0 - Cross-Site Request Forgery to Settings Reset CWE-352	4.3	Medium	2025-11-27

All 3 known CVE vulnerabilities affecting Reuters Direct with full Chinese analysis, references, and POCs where available.