WordPress IS-theme-companion plugin <= 1.59 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Tran Tuan Dung domiee13 in WordPress Plugin IS-theme-companion versions = 1.59...

CVE-2025-53277

CVE-2025-53277 : Infigo Software IS-theme-companion WordPress plugin is vulnerable to Cross-Site Request Forgery (CSRF) that enables Object Injection in versions up to 1.57. Public metrics show CVSSv3.1 base score 8.8 (HIGH), with network attack vector, low attack complexity, no privileges requir...