CVE-2025-3780 | WCFM Plugin up to 6.7.16 on WordPress Setting wcfm_redirect_to_setup authorization

Inserito da Angelo Barbosa | Lug 8, 2025 | CVE

A vulnerability, which was classified as problematic, was found in WCFM Plugin up to 6.7.16 on WordPress. Affected is the function wcfm_redirect_to_setup of the component Setting Handler. The manipulation leads to missing authorization.

This vulnerability is traded as CVE-2025-3780. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-3780 | WCFM Plugin up to 6.7.16 on WordPress Setting wcfm_redirect_to_setup authorization

Post correlati

CVE-2023-52082 | Lychee up to 5.0.1 sql injection (GHSA-rjwv-5j3m-p5x4)

CVE-2024-40783 | Apple macOS up to 12.7.5/13.6.7/14.5 Privacy Preferences access control

CVE-2024-38535 | OISF Suricata up to 6.0.19/7.0.5 HTTP/2 allocation of resources

CVE-2025-0581 | CampCodes School Management Software 1.0 Chat History /chat/group/send message cross site scripting