A vulnerability, which was classified as problematic, has been found in WP Firebase Push Notification Plugin up to 1.2.0 on WordPress. This issue affects the function wfpn_brodcast_notification_message. The manipulation leads to cross-site request forgery.

The identification of this vulnerability is CVE-2025-5924. The attack may be initiated remotely. There is no exploit available.