A vulnerability classified as problematic has been found in NewsBlogger Theme up to 0.2.5.4 on WordPress. This affects the function
newsblogger_install_and_activate_plugin
of the component Plugin Installation Handler. The manipulation leads to cross-site request forgery.
This vulnerability is uniquely identified as CVE-2025-1305. It is possible to initiate the attack remotely. There is no exploit available.