exploitDog

CVE-2025-12685

Опубликовано: 02 янв. 2026

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

The WPBookit WordPress plugin through 1.0.7 lacks a CSRF check when deleting customers. This could allow an unauthenticated attacker to delete any customer through a CSRF attack.

Ссылки

https://wpscan.com/vulnerability/e5ba488a-b43d-4c5f-9716-4b24701999f3/

EPSS

Процентиль: 9%

0.00032

Низкий

6.5 Medium

CVSS3

Дефекты

Связанные уязвимости

GHSA-6w96-gvjq-xh8h

CVSS3: 6.5

github

около 1 месяца назад

The WPBookit WordPress plugin through 1.0.7 lacks a CSRF check when deleting customers. This could allow an unauthenticated attacker to delete any customer through a CSRF attack.

EPSS

Процентиль: 9%

0.00032

Низкий

6.5 Medium

CVSS3

Дефекты