6 matches found
CVE-2025-10145
The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.1.7 via the uploadtolibrary function. This makes it possible for authenticated attackers, with Author-level access and above, to make web requests ...
CVE-2025-10145
Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-7073. Reason: This candidate is a reservation duplicate of CVE-2023-7073. Notes: All CVE users should reference CVE-2023-7073 instead of this candidate. All references and descriptions in this candidate have been remov...
CVE-2025-10145
...
EUVD-2025-36435
The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.1.7 via the uploadtolibrary function. This makes it possible for authenticated attackers, with Author-level access and above, to make web requests ...
CVE-2025-10145
CVE-2025-10145 entry is rejected; refer to CVE-2023-7073 instead.
CVE-2023-7073
The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.0 via the uploadtolibrary AJAX action. This makes it possible for authenticated attackers, with author-level access and above, to make web reques...