PT-2025-29989 · WordPress · Copymatic – Ai Content Writer & Generator
Jonas Benjamin Friedli
·
Published
2025-07-18
·
Updated
2025-07-22
·
CVE-2025-6781
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Copymatic – AI Content Writer & Generator plugin for WordPress versions up to and including 2.1
Description
The Copymatic – AI Content Writer & Generator plugin for WordPress is susceptible to Cross-Site Request Forgery due to missing or incorrect nonce validation on the
copymatic-menu page. This allows unauthenticated attackers to update the copymatic apikey option via a forged request if they can trick a site administrator into performing an action, such as clicking a link.Recommendations
Update Copymatic – AI Content Writer & Generator plugin for WordPress to a version later than 2.1.
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Copymatic – Ai Content Writer & Generator