CVE-2025-11257
CVE-2025-11257 — LLM Hubspot Blog Import (WordPress) has a missing authorization check on the process_save_blogs AJAX endpoint in versions up to and including 1.0.1. This allows authenticated attackers with Subscriber-level access and above to trigger an import of all Hubspot data, facilitating u...