CVE-2025-14364 | Demo Importer Plus Plugin up to 2.0.8 on WordPress Ajax::handle_request authorization

Inserito da Angelo Barbosa | Dic 17, 2025 | CVE

A vulnerability classified as critical has been found in Demo Importer Plus Plugin up to 2.0.8 on WordPress. The impacted element is the function Ajax::handle_request. The manipulation leads to missing authorization.

This vulnerability is documented as CVE-2025-14364. The attack can be initiated remotely. There is not any exploit available.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

CVE-2025-14364 | Demo Importer Plus Plugin up to 2.0.8 on WordPress Ajax::handle_request authorization

Post correlati

CVE-2024-33558 | 8theme XStore Core Plugin up to 5.3.5 on WordPress authorization

CVE-2023-49676 | CODESYS Development System prior 2.3.9.73 Project File use after free (VDE-2024-024)

CVE-2024-8185 | HashiCorp Vault/Vault Enterprise up to 1.18.0 API Endpoint failing open

CVE-2024-1910 | Categorify Plugin up to 1.0.7.4 on WordPress categorifyAjaxClearCategory cross-site request forgery