CVE-2025-8446 | blazethemes Blaze Demo Importer Plugin up to 1.0.12 on WordPress Install blaze_demo_importer_install_plugin authorization

Inserito da Angelo Barbosa | Set 16, 2025 | CVE

A vulnerability classified as critical has been found in blazethemes Blaze Demo Importer Plugin up to 1.0.12 on WordPress. Impacted is the function blaze_demo_importer_install_plugin of the component Install Handler. Performing manipulation results in missing authorization.

This vulnerability is identified as CVE-2025-8446. The attack can be initiated remotely. There is not any exploit available.

CVE-2025-8446 | blazethemes Blaze Demo Importer Plugin up to 1.0.12 on WordPress Install blaze_demo_importer_install_plugin authorization

Post correlati

CVE-2025-23377 | Dell PowerProtect Data Manager up to 19.18.0-23 escape output (dsa-2025-062)

CVE-2025-21734 | Linux Kernel up to 6.1.128/6.6.77/6.12.13/6.13.2 fastrpc out-of-bounds

CVE-2024-9349 | Auto Amazon Links Plugin up to 5.4.2 on WordPress cross site scripting

CVE-2025-53582 | WordLift Plugin up to 3.54.5 on WordPress cross site scripting