CVE-2025-11176 | Quick Featured Images Plugin up to 13.7.2 on WordPress qfi_set_thumbnail resource injection

Inserito da Angelo Barbosa | Ott 14, 2025 | CVE

A vulnerability has been found in Quick Featured Images Plugin up to 13.7.2 on WordPress and classified as problematic. This impacts the function qfi_set_thumbnail. This manipulation causes improper control of resource identifiers.

This vulnerability appears as CVE-2025-11176. The attack may be initiated remotely. There is no available exploit.

CVE-2025-11176 | Quick Featured Images Plugin up to 13.7.2 on WordPress qfi_set_thumbnail resource injection

Post correlati

CVE-2020-11843 | OpenText NetIQ Access Manager up to 4.5 information disclosure

CVE-2025-47787 | Emlog up to 2.5.9 ZIP Plugin File store.php unrestricted upload (GHSA-4mcj-8gvh-p753)

CVE-2025-57699 | Western Digital Kitfox prior 1.1.1.1 on Windows Windows Service unquoted search path

CVE-2025-1413 | Blackmagic Design DaVinci Resolve up to 19.1.2 on macOS File Permission privileges assignment