PT-2025-35015 · Aaron Axelsen +1 · Wpmu Ldap Authentication +1

Nguyen Xuan Chien

Published

2025-08-28

Updated

2025-08-28

CVE-2025-48343

Report an issue

CVSS v3.1

7.1

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions:

WPMU Ldap Authentication versions n/a through 5.0.1

Description:

A Cross-Site Request Forgery (CSRF) vulnerability exists in Aaron Axelsen WPMU Ldap Authentication, which also allows Stored Cross-Site Scripting (XSS).

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

CSRF

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2025-48343

Affected Products

Wpmu Ldap Authentication

Wordpress

PT-2025-35015 · Aaron Axelsen +1 · Wpmu Ldap Authentication +1

Weakness Enumeration

Related Identifiers

Affected Products

References · 3