A vulnerability was found in Responsive Plus Theme up to 3.2.0 on WordPress. It has been classified as critical. Affected is the function
import_sites
. The manipulation leads to missing authorization.
This vulnerability is traded as CVE-2025-48335. It is possible to launch the attack remotely. There is no exploit available.