Homerunner Security Vulnerabilities and Issues — Homerunner CVE List

Lucene search

CoolrunnerHomerunner

1 matches found

CVE•added 2025/06/26 3:15 a.m.•8 views

CVE-2025-5932

The Homerunner plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.29. This is due to missing or incorrect nonce validation on the main_settings() function. This makes it possible for unauthenticated attackers to update plugin settings via a fo...

4.3CVSS6.7AI score0.00015EPSS