3 matches found
CVE-2025-2111
creationtimestamp| type| source ---|---|--- 2025-04-19 06:00:15+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12575 2025-04-19 07:08:24+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ln5laad2rsu2 2025-04-19...
CVE-2025-2111 WP Headers And Footers <= 3.1.1 - Cross-Site Request Forgery to Arbitrary Options Update
The Insert Headers And Footers plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.1. This is due to missing or incorrect nonce validation on the 'custompluginsetoption' function. This makes it possible for unauthenticated attackers to update...
WordPress WP Headers And Footers plugin <= 3.1.1 - Cross-Site Request Forgery to Arbitrary Options Update vulnerability
Cross-Site Request Forgery to Arbitrary Options Update vulnerability discovered by Carlos Ferreira in WordPress Plugin Insert Headers And Footers versions = 3.1.1...