CVE-2025-1687 | ThemeMakers Car Dealer Automotive Theme up to 1.6.4 on WordPress update_user_profile cross-site request forgery

Posted by Angelo Barbosa | Feb 28, 2025 | CVE

A vulnerability classified as problematic has been found in ThemeMakers Car Dealer Automotive Theme up to 1.6.4 on WordPress. Affected is the function update_user_profile. The manipulation leads to cross-site request forgery.

This vulnerability is traded as CVE-2025-1687. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-1687 | ThemeMakers Car Dealer Automotive Theme up to 1.6.4 on WordPress update_user_profile cross-site request forgery

Related Posts

CVE-2024-13285 | Drupal wkhtmltopdf Privilege Escalation

CVE-2024-43272 | Icegram Plugin up to 3.1.24 on WordPress missing authentication

CVE-2024-1069 | Contact Form Entries Plugin up to 1.3.2 on WordPress unrestricted upload

CVE-2024-57258 | DENEX U-Boot prior 2025.01-rc1 Memory Allocator integer overflow