CVE-2025-12569

CVSS v3.1

4.7

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Guest posting / Frontend Posting / Front Editor WordPress plugin versions prior to 5.0.0

Description The software does not properly check user-supplied data before redirecting the user, which can lead to an open redirection. This means a malicious actor could potentially redirect users to a website of their choosing. The vulnerable parameter is used in a redirect operation without validation.

Recommendations Update to version 5.0.0 or later.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2025-12569

Affected Products

Front Editor

Frontend Posting

Guest Posting

CVE-2025-12569

Related Identifiers

Affected Products

References · 6