CVE-2025-9331 | Spacious Plugin up to 1.9.11 on WordPress Demo Data Import welcome_notice_import_handler authorization

Inserito da Angelo Barbosa | Ago 22, 2025 | CVE

A vulnerability classified as critical was found in Spacious Plugin up to 1.9.11 on WordPress. The impacted element is the function welcome_notice_import_handler of the component Demo Data Import. Such manipulation leads to missing authorization.

This vulnerability is referenced as CVE-2025-9331. It is possible to launch the attack remotely. No exploit is available.

CVE-2025-9331 | Spacious Plugin up to 1.9.11 on WordPress Demo Data Import welcome_notice_import_handler authorization

Post correlati

CVE-2024-6062 | GPAC 2.5-DEV-rev228-g11067ea92-master MP4Box src/filters/load_text.c swf_svg_add_iso_sample null pointer dereference (Issue 2872)

CVE-2024-4499 | parisneo lollms up to 9.6 XTTS Server cross-site request forgery

CVE-2024-33938 | codename065 Sliding Widgets Plugin up to 1.5.0 on WordPress cross site scripting

CVE-2024-26988 | Linux Kernel up to 5.15.156/6.1.87/6.6.28/6.8.7/6.9-rc4 init/main.c static_command_line buffer overflow