CVE-2025-12189
The Bread & Butter WordPress plugin (Bread & Butter: Gate content + Capture leads + Collect first-party data + Nurture with Ai agents) is affected by a Cross-Site Request Forgery leading to arbitrary file upload via the uploadImage() AJAX handler. Root cause: missing/incorrect nonce validation in...