CVE-2025-22704

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Feb 3, 2025

CWE ID 352

Summary

CVE-2025-22704 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the Abinav Thakuri WordPress Signature plugin. This issue enables an attacker to trick a user into making unintended actions on a web application, such as modifying their account settings or performing financial transactions, by forging a malicious request. The vulnerability is present in plugin versions from n/a through 0.1, making it crucial for users to update to the latest secure version to protect against potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2RZGrj
https://www.cve.org/CVERecord?id=CVE-2025-22704
https://nvd.nist.gov/vuln/detail/CVE-2025-22704

Back to Vulnerability Database

CVE-2025-22704

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations