CVE-2025-5924 | WP Firebase Push Notification Plugin up to 1.2.0 on WordPress wfpn_brodcast_notification_message cross-site request forgery

Inserito da Angelo Barbosa | Lug 3, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in WP Firebase Push Notification Plugin up to 1.2.0 on WordPress. This issue affects the function wfpn_brodcast_notification_message. The manipulation leads to cross-site request forgery.

The identification of this vulnerability is CVE-2025-5924. The attack may be initiated remotely. There is no exploit available.

CVE-2025-5924 | WP Firebase Push Notification Plugin up to 1.2.0 on WordPress wfpn_brodcast_notification_message cross-site request forgery

Post correlati

CVE-2024-3807 | Porto Plugin up to 7.1.0 on WordPress Post Meta file inclusion

CVE-2024-35820 | Linux Kernel up to 6.7.11/6.8.2 io_uring __io_queue_proc Privilege Escalation (51a490a7f63c/0ecb8919469e/1a8ec63b2b6c)

CVE-2024-52067 | Apache NiFi up to 1.28.0/2.0.0-M4 Parameter Context debug log file

CVE-2024-12232 | code-projects Simple CRUD Functionality 1.0 /index.php newtitle/newdescr cross site scripting