CVE-2025-11976

CVE-2025-11976 concerns FuseWP – WordPress User Sync to Email List & Marketing Automation (Mailchimp, Constant Contact, ActiveCampaign etc.) for WordPress. According to connected sources, the vulnerability is a Cross-Site Forgery (CSRF) due to missing or incorrect nonce validation in the save_cha...