CVE-2025-30528

Name of the Vulnerable Software and Affected Versions wpshopee Awesome Logos versions 1.2 and earlier

Description The issue is a Cross-Site Request Forgery (CSRF) vulnerability that allows SQL Injection. This means an attacker can trick a user into performing unintended actions on a web application, potentially leading to unauthorized access to sensitive data.

Recommendations For versions 1.2 and earlier, update to a version that includes a fix for this issue, as no specific workaround is provided for these versions. As a temporary workaround, consider restricting access to sensitive functionality to minimize the risk of exploitation. Avoid using the vulnerable plugin until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.