CVE-2025-23660

CVE-2025-23660 describes a Cross-Site Request Forgery (CSRF) vulnerability in MFPlugin that enables Stored XSS. The entry states the issue affects MFPlugin versions from n/a through 1.3 and does not specify affected WordPress contexts, payloads, or exploit details. Red Hat’s related record corrob...

WordPress plugin MFPlugin 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site reque...