A vulnerability was found in Zakra Plugin up to 4.1.5 on WordPress. It has been classified as critical. This affects the function
welcome_notice_import_handler
of the component Demo Import Handler. The manipulation leads to missing authorization.
This vulnerability is uniquely identified as CVE-2025-8595. It is possible to initiate the attack remotely. There is no exploit available.