CVE-2025-12400 | LMB Box Smileys Plugin up to 3.2 on WordPress Setting manage_page cross-site request forgery

Inserito da Angelo Barbosa | Nov 3, 2025 | CVE

A vulnerability categorized as problematic has been discovered in LMB Box Smileys Plugin up to 3.2 on WordPress. This vulnerability affects the function manage_page of the component Setting Handler. Executing manipulation can lead to cross-site request forgery.

This vulnerability is tracked as CVE-2025-12400. The attack can be launched remotely. No exploit exists.

CVE-2025-12400 | LMB Box Smileys Plugin up to 3.2 on WordPress Setting manage_page cross-site request forgery

Post correlati

CVE-2024-7443 | Vivotek IB8367A VVTK-0100b upload_file.cgi getenv QUERY_STRING command injection

CVE-2024-6774 | Google Chrome up to 126.0.6478.126 Screen Capture use after free (ID 346898)

CVE-2018-16153 | Apereo Opencast up to 10.5 improper authentication

CVE-2024-0433 | Gestpay for WooCommerce Plugin up to 20221130 on WordPress ajax_unset_default_card cross-site request forgery