CVE-2025-12401

CVE-2025-12401 – Label Plugins (WordPress): The WordPress Label Plugins plugin (versions up to 0.5) is affected by Cross-Site Request Forgery due to missing or incorrect nonce validation in label_plugins_options(), enabling unauthenticated attackers to update settings and inject malicious scripts...