CVE-2025-3780 | WCFM Plugin up to 6.7.16 on WordPress Setting wcfm_redirect_to_setup authorization

Inserito da Angelo Barbosa | Lug 8, 2025 | CVE

A vulnerability, which was classified as problematic, was found in WCFM Plugin up to 6.7.16 on WordPress. Affected is the function wcfm_redirect_to_setup of the component Setting Handler. The manipulation leads to missing authorization.

This vulnerability is traded as CVE-2025-3780. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-3780 | WCFM Plugin up to 6.7.16 on WordPress Setting wcfm_redirect_to_setup authorization

Post correlati

CVE-2025-1004 | HP LaserJet Pro Printers Internet Printing Protocol unexpected data type

CVE-2025-7628 | YiJiuSmile kkFileViewOfficeEdit up to 5fbc57c48e8fe6c1b91e0e7995e2d59615f37abd /deleteFile fileName path traversal (Issue 15)

CVE-2024-0107 | NVIDIA GPU Display Driver/vGPU Software/Cloud Gaming on Windows User Mode Layer out-of-bounds

CVE-2024-31220 | LizardByte Sunshine 0.16.x/0.17.x node_modules Endpoint path traversal (GHSA-6rg7-7m3w-w5wc)