WordPress Theme Importer plugin cross-site request forgery vulnerability

WordPress Theme Importer plugin is mainly used to import website content such as pages, menus, images, etc. from other platforms or websites into WordPress for quick migration or rebuilding of websites. The WordPress Theme Importer plugin suffers from a cross-site request forgery vulnerability,...

CVE-2025-10312

The Theme Importer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing nonce validation when processing form submissions in the theme-importer.php file. This makes it possible for unauthenticated attackers to trigger...

CVE-2025-10312

The Theme Importer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing nonce validation when processing form submissions in the theme-importer.php file. This makes it possible for unauthenticated attackers to trigger...

CVE-2025-10312 Theme Importer <= 1.0 - Cross-Site Request Forgery

The Theme Importer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing nonce validation when processing form submissions in the theme-importer.php file. This makes it possible for unauthenticated attackers to trigger...

EUVD-2025-34550

The Theme Importer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing nonce validation when processing form submissions in the theme-importer.php file. This makes it possible for unauthenticated attackers to trigger...

CVE-2025-10312 Theme Importer <= 1.0 - Cross-Site Request Forgery

The Theme Importer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing nonce validation when processing form submissions in the theme-importer.php file. This makes it possible for unauthenticated attackers to trigger...

CVE-2025-10312

CVE-2025-10312 : WordPress Theme Importer plugin

WordPress Theme Importer plugin <= 1.0 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Nabil Irawan in WordPress Plugin Theme Importer versions = 1.0...

WordPress plugin Theme Importer 跨站请求伪造漏洞

WordPress Theme Importer plugin is mainly used to import website content such as pages, menus, images, etc. from other platforms or websites into WordPress for quick migration or rebuilding of websites. The WordPress Theme Importer plugin suffers from a cross-site request forgery vulnerability,...