PT-2025-38918 · WordPress · Yonisink Custom Post Type Images

Mika

Publicado

2025-09-22

Atualizado

2025-09-23

CVE-2025-58255

CVSS v3.1

9.6

Crítica

Vetor

AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions yonisink Custom Post Type Images versions through 0.5

Description A Cross-Site Request Forgery (CSRF) issue exists in yonisink Custom Post Type Images that can lead to Code Injection. The issue allows for potential code execution through crafted requests.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

CSRF

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-352

Identificadores relacionados

CVE-2025-58255

Produtos afetados

Yonisink Custom Post Type Images

PT-2025-38918 · WordPress · Yonisink Custom Post Type Images

CVE-2025-58255

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5