WordPress plugin Disable Content Editor For Specific Template 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL based...

CVE-2025-12072

CVE-2025-12072 concerns the WordPress plugin Disable Content Editor For Specific Template (≤ 2.0). Root cause is missing nonce validation on template configuration updates, enabling CSRF. Impact: unauthenticated attackers can induce administrators to add or delete template configurations via forg...

CVE-2025-12072 Disable Content Editor For Specific Template <= 2.0 - Cross-Site Request Forgery to Template Configuration Update

The Disable Content Editor For Specific Template plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0. This is due to missing nonce validation on template configuration updates. This makes it possible for unauthenticated attackers to add or...

PT-2025-43601

Name of the Vulnerable Software and Affected Versions Disable Content Editor For Specific Template plugin for WordPress versions prior to 2.1 Description The Disable Content Editor For Specific Template plugin for WordPress is susceptible to a Cross-Site Request Forgery CSRF issue. This is caused...

WordPress Disable Content Editor For Specific Template plugin <= 2.0 - Cross-Site Request Forgery to Template Configuration Update vulnerability

Cross-Site Request Forgery to Template Configuration Update vulnerability discovered by Nabil Irawan in WordPress Plugin Disable Content Editor For Specific Template versions = 2.0...