CVE-2025-15488 | Responsive Plus Plugin up to 3.4.2 on WordPress Shortcode content_rech_data authorization

Inserito da Angelo Barbosa | Mar 26, 2026 | CVE

A vulnerability was found in Responsive Plus Plugin up to 3.4.2 on WordPress. It has been classified as critical. Affected is the function update_responsive_woo_free_shipping_left_shortcode of the component Shortcode Handler. The manipulation of the argument content_rech_data leads to incorrect authorization.

This vulnerability is documented as CVE-2025-15488. The attack can be initiated remotely. There is not any exploit available.

Upgrading the affected component is recommended.

CVE-2025-15488 | Responsive Plus Plugin up to 3.4.2 on WordPress Shortcode content_rech_data authorization

Post correlati

CVE-2026-32110 | SiYuan up to 3.5.x Endpoint forwardProxy server-side request forgery (GHSA-56cv-c5p2-j2wg)

CVE-2024-2381 | AliExpress Dropshipping with AliNext Lite up to 3.3.5 on WordPress unrestricted upload

CVE-2025-63662 | GT Edge AI Platform prior 2.0.10-dev /api/v1/agents permission

CVE-2025-8224 | GNU Binutils 2.44 BFD Library bfd/elf.c bfd_elf_get_str_section null pointer dereference