CVE-2025-14037 | Invelity Product Feeds Plugin up to 1.2.6 on WordPress Requests createManageFeedPage cross-site request forgery

Inserito da Angelo Barbosa | Mar 21, 2026 | CVE

A vulnerability classified as problematic was found in Invelity Product Feeds Plugin up to 1.2.6 on WordPress. This affects the function createManageFeedPage of the component Requests Handler. Executing a manipulation can lead to cross-site request forgery.

This vulnerability is handled as CVE-2025-14037. The attack can be executed remotely. There is not any exploit available.

CVE-2025-14037 | Invelity Product Feeds Plugin up to 1.2.6 on WordPress Requests createManageFeedPage cross-site request forgery

Post correlati

CVE-2024-26146 | rubygem-rack Header Parser denial of service

CVE-2024-5785 | Comtrend WLD71-T1 GRG-4280us POST Request formUserTracert os command injection

CVE-2025-14534 | UTT 进取 512W up to 3.1.7.7-171114 Endpoint /goform/formNatStaticMap strcpy NatBind buffer overflow

CVE-2024-10755 | PHPGurukul Online Shopping Portal 2.0 empty_table.php scripts cross site scripting