CVE-2025-39371

🗓️ 19 May 2025 16:41:23Reported by PatchstackType

WordPress Author Box Plugin <= 1.3.5 has a Cross Site Request Forgery vulnerability.

Reporter	Title	Published	Views	Family All 8
Cvelist	CVE-2025-39371 WordPress Author Box Plugin With Different Description plugin <= 1.3.5 - Cross Site Request Forgery (CSRF) vulnerability	19 May 202516:41	–	cvelist
EUVD	EUVD-2025-27948	3 Oct 202520:07	–	euvd
NVD	CVE-2025-39371	19 May 202517:15	–	nvd
Patchstack	WordPress Author Box Plugin With Different Description plugin <= 1.3.5 - Cross Site Request Forgery (CSRF) vulnerability	25 Apr 202508:57	–	patchstack
Positive Technologies	PT-2025-22029 · WordPress · Sanjeev Mohindra Author Box Plugin With Different Description	19 May 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-39371	21 May 202517:19	–	redhatcve
Vulnrichment	CVE-2025-39371 WordPress Author Box Plugin With Different Description plugin <= 1.3.5 - Cross Site Request Forgery (CSRF) vulnerability	19 May 202516:41	–	vulnrichment
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (April 21, 2025 to April 27, 2025)	1 May 202515:38	–	wordfence

Vulners

Node

sanjeev_mohindra author_box_plugin_with_different_descriptionRange≤1.3.5wordpress

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "author-box-with-different-description",
    "product": "Author Box Plugin With Different Description",
    "vendor": "Sanjeev Mohindra",
    "versions": [
      {
        "lessThanOrEqual": "1.3.5",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/Wordpress/Plugin/author-box-with-different-description/vulnerability/wordpress-author-box-plugin-with-different-description-plugin-1-3-5-cross-site-request-forgery-csrf-vulnerability

28 Apr 2026 16:12Current

7.2High risk

Vulners AI Score7.2

CVSS 3.14.3

EPSS0.00084

SSVC

CWE-352