CVE-2025-2202

Broken access control vulnerability in the Innovación y Cualificación local administration plugin ajax.php. This vulnerability allows an attacker to obtain sensitive information about other users such as id, name, login and email. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt