The vulnerability identified as CVE-2025-53230 involves missing authorization checks in the honzat Page Manager for Elementor plugin, versions up to 2.0.5. This flaw allows attackers with low privileges to exploit incorrectly configured access control security levels, potentially enabling unauthorized access or modification of resources. The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H) reflects network attack vector, low attack complexity, requiring privileges, no user interaction, unchanged scope, with low confidentiality and integrity impact but high availability impact.

Successful exploitation could allow an attacker with limited privileges to perform unauthorized actions that may compromise the availability of the affected system and cause limited confidentiality and integrity impacts. This could disrupt normal operations of the Page Manager for Elementor plugin and potentially affect the broader WordPress environment where it is installed.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, review and restrict user privileges to minimize risk. Monitor for updates from the vendor or trusted security advisories to apply patches promptly once available.