5 matches found
WordPress WP-PManager plugin <= 1.2 - Category Deletion via CSRF vulnerability
Category Deletion via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin WP-PManager versions = 1.2...
CVE-2025-2247
The WP-PManager WordPress plugin through 1.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2025-2247
The WP-PManager WordPress plugin through 1.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2025-2247
The CVE-2025-2247 entry concerns the WP-PManager WordPress plugin (versions 1.2 and earlier) with a CSRF vulnerability in the settings update functionality. The root cause is a lack of CSRF checks, which could allow an authenticated attacker to cause a logged-in administrator to change settings v...
CVE-2025-2247 WP-PManager <= 1.2 - Category Deletion via CSRF
The WP-PManager WordPress plugin through 1.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...