CVE-2025-3452 | SecuPress Free Plugin up to 2.3.9 on WordPress secupress_reinstall_plugins_admin_ajax_cb authorization

Inserito da Angelo Barbosa | Apr 28, 2025 | CVE

A vulnerability, which was classified as critical, was found in SecuPress Free Plugin up to 2.3.9 on WordPress. Affected is the function secupress_reinstall_plugins_admin_ajax_cb. The manipulation leads to missing authorization.

This vulnerability is traded as CVE-2025-3452. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-3452 | SecuPress Free Plugin up to 2.3.9 on WordPress secupress_reinstall_plugins_admin_ajax_cb authorization

Post correlati

CVE-2024-26122 | Adobe Experience Manager up to 6.5.19 Form Field cross site scripting (apsb24-21)

CVE-2025-23047 | Cilium up to 1.14.17/1.15.11/1.16.4 header information disclosure (GHSA-h78m-j95m-5356)

CVE-2024-7470 | Raisecom MSG1200/MSG2100E/MSG2200/MSG2300 3.90 Web Interface vpn_template_style.php sslvpn_config_mod template/stylenum os command injection

CVE-2024-13783 | FormCraft Plugin up to 3.9.11 on WordPress formcraft-main.php authorization