GhostPool Gauge allows unauthorized access due to incorrect access control settings

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.5

GhostPool Gauge allows unauthorized access due to incorrect access control settings

CVE-2025-69298

Summary

A security issue in GhostPool Gauge makes it possible for unauthorized users to access data or perform actions they shouldn't be able to. This affects versions of GhostPool Gauge from its initial release up to version 6.56.4. If you're using an affected version, update to the latest patch release to fix the issue.

Original title

Missing Authorization vulnerability in GhostPool Gauge gauge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gauge: from n/a through <= 6.56.4.

Original description

Missing Authorization vulnerability in GhostPool Gauge gauge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gauge: from n/a through <= 6.56.4.

nvd CVSS3.1 7.5

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/Wordpress/Theme/gauge/vulnerability/wordpress-ga...

Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026