CVE-2025-10057 | WP Import Plugin up to 7.28 on WordPress customFunction.php write_to_customfile code injection

Inserito da Angelo Barbosa | Set 16, 2025 | CVE

A vulnerability categorized as critical has been discovered in WP Import Plugin up to 7.28 on WordPress. The impacted element is the function write_to_customfile of the file customFunction.php. Such manipulation leads to code injection.

This vulnerability is traded as CVE-2025-10057. The attack may be launched remotely. There is no exploit available.

CVE-2025-10057 | WP Import Plugin up to 7.28 on WordPress customFunction.php write_to_customfile code injection

Post correlati

CVE-2024-47764 | jshttp cookie up to 0.6.x injection (GHSA-pxg6-pf52-xh8x)

CVE-2025-9233 | Scada-LTS up to 2.7.8.1 view_edit.shtm Name cross site scripting

CVE-2023-42883 | Apple watchOS Image denial of service

CVE-2024-0240 | Silicon Labs Gecko SDK prior 4.3.0 Notifications resource consumption