8 matches found
CVE-2025-12173
The WP Admin Microblog plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.1. This is due to missing or incorrect nonce validation on the 'wp-admin-microblog' page. This makes it possible for unauthenticated attackers to send messages on beha...
CVE-2025-12173
The WP Admin Microblog plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.1. This is due to missing or incorrect nonce validation on the 'wp-admin-microblog' page. This makes it possible for unauthenticated attackers to send messages on beha...
CVE-2025-12173
CVE-2025-12173 concerns the WordPress plugin WP Admin Microblog (versions ≤ 3.1.1). Wordfence details indicate a Cross-Site Request Forgery (CSRF) due to missing or incorrect nonce validation on the wp-admin-microblog page, enabling unauthenticated attackers to post messages on behalf of an admin...
CVE-2025-12173 WP Admin Microblog <= 3.1.1 - Cross-Site Request Forgery to Message Creation
The WP Admin Microblog plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.1. This is due to missing or incorrect nonce validation on the 'wp-admin-microblog' page. This makes it possible for unauthenticated attackers to send messages on beha...
CVE-2025-12173 WP Admin Microblog <= 3.1.1 - Cross-Site Request Forgery to Message Creation
The WP Admin Microblog plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.1. This is due to missing or incorrect nonce validation on the 'wp-admin-microblog' page. This makes it possible for unauthenticated attackers to send messages on beha...
WordPress plugin WP Admin Microblog 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...
PT-2025-47254
Name of the Vulnerable Software and Affected Versions WP Admin Microblog plugin for WordPress versions prior to 3.1.2 Description The WP Admin Microblog plugin for WordPress is susceptible to Cross-Site Request Forgery CSRF. This is caused by a lack of, or incorrect, nonce validation on the...
WordPress WP Admin Microblog plugin <= 3.1.1 - Cross-Site Request Forgery to Message Creation vulnerability
Cross-Site Request Forgery to Message Creation vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin WP Admin Microblog versions = 3.1.1...