CVE-2025-8595 | Zakra Plugin up to 4.1.5 on WordPress Demo Import welcome_notice_import_handler authorization

Inserito da Angelo Barbosa | Ago 5, 2025 | CVE

A vulnerability was found in Zakra Plugin up to 4.1.5 on WordPress. It has been classified as critical. This affects the function welcome_notice_import_handler of the component Demo Import Handler. The manipulation leads to missing authorization.

This vulnerability is uniquely identified as CVE-2025-8595. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-8595 | Zakra Plugin up to 4.1.5 on WordPress Demo Import welcome_notice_import_handler authorization

Post correlati

CVE-2024-10433 | Project Worlds Simple Web-Based Chat Application 1.0 /index.php Name/Comment cross site scripting

CVE-2025-21393 | Microsoft SharePoint Server cross site scripting

CVE-2023-6742 | Envira Gallery Lite Plugin up to 1.8.7.2 on WordPress envira_gallery_insert_images authorization

CVE-2024-39713 | Rocket.Chat up to 6.10.0 Twilio Webhook Endpoint server-side request forgery