CVE-2025-0316 | Chimpstudio WP Directorybox Manager Plugin up to 2.5 on WordPress wp_dp_enquiry_agent_contact_form_submit_callback authentication bypass

Posted by Angelo Barbosa | Feb 9, 2025 | CVE

A vulnerability was found in Chimpstudio WP Directorybox Manager Plugin up to 2.5 on WordPress. It has been classified as critical. Affected is the function wp_dp_enquiry_agent_contact_form_submit_callback. The manipulation leads to authentication bypass using alternate channel.

This vulnerability is traded as CVE-2025-0316. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-0316 | Chimpstudio WP Directorybox Manager Plugin up to 2.5 on WordPress wp_dp_enquiry_agent_contact_form_submit_callback authentication bypass

Related Posts

CVE-2024-9933 | WatchTowerHQ Plugin up to 3.9.6 on WordPress improper authentication

CVE-2024-10287 | LocalServer 1.0.9 /mlss/ForgotPassword ListName cross site scripting

CVE-2024-1824 | CodeAstro House Rental Management System 1.0 signing.php uname/password sql injection

CVE-2024-47651 | Shilpi Computers Client Dashboard prior 9.7.0 API Endpoint parameter pollution (CIVN-2024-0313)