CVE-2025-3810 | WPBookit Plugin up to 1.0.2 on WordPress edit_profile_data resource injection

Inserito da Angelo Barbosa | Mag 8, 2025 | CVE

A vulnerability, which was classified as critical, has been found in WPBookit Plugin up to 1.0.2 on WordPress. This issue affects the function edit_profile_data. The manipulation leads to improper control of resource identifiers.

The identification of this vulnerability is CVE-2025-3810. The attack may be initiated remotely. There is no exploit available.

CVE-2025-3810 | WPBookit Plugin up to 1.0.2 on WordPress edit_profile_data resource injection

Post correlati

CVE-2024-5207 | wpexpertsio Post SMTP Plugin up to 2.9.3 on WordPress sql injection

CVE-2023-37898 | laurent22 joplin up to 2.12.8 MarkupToHtml.ts child_process cross site scripting (GHSA-hjmq-3qh4-g2r8)

CVE-2023-43743 | Zultys MX-SE/MX-SE II/MX-E/MX-Virtual/MX250/MX30 prior 16.04 Patch 16109/17.0.10 Patch 17161 Web Interface /newapi/ filter sql injection (ATREDIS-2023-0002)

CVE-2024-53718 | Eric Teubert Multi Feed Reader Plugin up to 2.2.4 on WordPress cross-site request forgery