Lucene search
K

5 matches found

Patchstack
Patchstack
added 2025/05/19 4:7 a.m.10 views

WordPress WP-PManager plugin <= 1.2 - Category Deletion via CSRF vulnerability

Category Deletion via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin WP-PManager versions = 1.2...

5.4CVSS6.8AI score0.00142EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/17 9:4 p.m.9 views

CVE-2025-2247

The WP-PManager WordPress plugin through 1.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

5.4CVSS6.8AI score0.00142EPSS
Exploits1References1
NVD
NVD
added 2025/05/15 8:16 p.m.21 views

CVE-2025-2247

The WP-PManager WordPress plugin through 1.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

5.4CVSS0.00142EPSS
Exploits1References1
CVE
CVE
added 2025/05/15 8:7 p.m.37 views

CVE-2025-2247

The CVE-2025-2247 entry concerns the WP-PManager WordPress plugin (versions 1.2 and earlier) with a CSRF vulnerability in the settings update functionality. The root cause is a lack of CSRF checks, which could allow an authenticated attacker to cause a logged-in administrator to change settings v...

5.4CVSS6.8AI score0.00142EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/15 8:7 p.m.9 views

CVE-2025-2247 WP-PManager <= 1.2 - Category Deletion via CSRF

The WP-PManager WordPress plugin through 1.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

7AI score0.00142EPSS
Exploits1References1
Rows per page
Query Builder