CVE-2025-22312
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Published Jan 7, 2025
CWE ID 79
Summary
CVE-2025-22297 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the AI WP Writer plugin for WordPress. This issue enables attackers to manipulate users into performing unwanted actions on a website they are already logged into. The vulnerability can be exploited by an attacker to make unauthorized modifications to user data or take other actions on behalf of the user. The flaw impacts versions of AI WP Writer from n/a through 3.8.4.4. Users are advised to update to the latest patched version of the plugin to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- ThimPress