CVE-2025-5924 | WP Firebase Push Notification Plugin up to 1.2.0 on WordPress wfpn_brodcast_notification_message cross-site request forgery

Inserito da Angelo Barbosa | Lug 3, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in WP Firebase Push Notification Plugin up to 1.2.0 on WordPress. This issue affects the function wfpn_brodcast_notification_message. The manipulation leads to cross-site request forgery.

The identification of this vulnerability is CVE-2025-5924. The attack may be initiated remotely. There is no exploit available.

CVE-2025-5924 | WP Firebase Push Notification Plugin up to 1.2.0 on WordPress wfpn_brodcast_notification_message cross-site request forgery

Post correlati

CVE-2025-6818 | HDF5 1.14.6 /src/H5Ochunk.c H5O__chunk_protect heap-based overflow (Issue 5573)

CVE-2024-30531 | Nelio Content Plugin up to 3.2.0 on WordPress server-side request forgery

CVE-2025-27515 | Laravel Framework up to 11.44.0/12.1.0 wildcards or matching symbols (GHSA-78fx-h6xr-vch4)

CVE-2024-7145 | JetElements Plugin up to 2.6.20 on WordPress file inclusion