CVE-2025-12407 | Events Manager Plugin up to 7.2.2.2 on WordPress location_delete cross-site request forgery

Inserito da Angelo Barbosa | Dic 12, 2025 | CVE

A vulnerability categorized as problematic has been discovered in Events Manager Plugin up to 7.2.2.2 on WordPress. Affected is the function location_delete. Executing manipulation can lead to cross-site request forgery.

This vulnerability appears as CVE-2025-12407. The attack may be performed from remote. There is no available exploit.

CVE-2025-12407 | Events Manager Plugin up to 7.2.2.2 on WordPress location_delete cross-site request forgery

Post correlati

CVE-2023-6938 | Oxygen Builder Plugin up to 4.8 on WordPress Custom Fields cross site scripting

CVE-2024-3706 | OpenGnsys 1.1.1d controlaccess.php-LAST information disclosure

CVE-2024-57628 | MonetDB Server 11.49.1 SQL exp_values_set_supertype denial of service (Issue 7437)

CVE-2024-36973 | Linux Kernel up to 6.10-rc3 pci1xxxx gp_aux_bus_probe double free (086c6cbcc563)