CVE-2025-14399 | Download Plugins and Themes in ZIP from Dashboard Plugin download_plugin_bulk cross-site request forgery

Inserito da Angelo Barbosa | Dic 16, 2025 | CVE

A vulnerability described as problematic has been identified in Download Plugins and Themes in ZIP from Dashboard Plugin up to 1.9.6 on WordPress. The affected element is the function download_plugin_bulk. The manipulation results in cross-site request forgery.

This vulnerability is identified as CVE-2025-14399. The attack can be executed remotely. There is not any exploit available.

CVE-2025-14399 | Download Plugins and Themes in ZIP from Dashboard Plugin download_plugin_bulk cross-site request forgery

Post correlati

CVE-2025-59257 | Microsoft

CVE-2024-55917 | Trend Micro Apex One/Apex One as a Service origin validation

CVE-2023-6852 | kalcaddle KodExplorer up to 4.51.03 plugins/webodf/app.php server-side request forgery

CVE-2025-9716 | O2OA up to 10.0-410 Personal Profile Page form name/alias/description cross site scripting (Issue 182)