CVE-2025-9883

Name of the Vulnerable Software and Affected Versions Browser Sniff versions prior to 2.3

Description The Browser Sniff plugin for WordPress is susceptible to Cross-Site Request Forgery due to missing or incorrect nonce validation on a function. This allows unauthenticated attackers to update settings and inject malicious web scripts via a forged request if they can trick a site administrator into performing an action, such as clicking a link.

Recommendations Update Browser Sniff to a version later than 2.3.