CVE-2025-12410 | SH Contextual Help Plugin up to 3.2.1 on WordPress Setting sh_contextual_help_dashboard_widget cross-site request forgery

Inserito da Angelo Barbosa | Nov 3, 2025 | CVE

A vulnerability was found in SH Contextual Help Plugin up to 3.2.1 on WordPress. It has been declared as problematic. Affected by this issue is the function sh_contextual_help_dashboard_widget of the component Setting Handler. Such manipulation leads to cross-site request forgery.

This vulnerability is referenced as CVE-2025-12410. It is possible to launch the attack remotely. No exploit is available.

CVE-2025-12410 | SH Contextual Help Plugin up to 3.2.1 on WordPress Setting sh_contextual_help_dashboard_widget cross-site request forgery

Post correlati

CVE-2025-0908 | Tracker Software PDF-XChange Editor U3D File Parser out-of-bounds

CVE-2025-22811 | Modeltheme MT Addons for Elementor Plugin up to 1.0.6 on WordPress cross site scripting

CVE-2023-49489 | kalcaddle KodeExplorer 4.51 config/i18n/en/main.php APP_HOST cross site scripting

CVE-2024-46446 | Mecha CMS up to 3.0.0 path traversal