CVE-2025-2247 Information

Description

The WP-PManager WordPress plugin through 1.2 does not have CSRF check in place when updating its settings which could allow attackers to make a logged in admin change them via a CSRF attack

Reference

https://wpscan.com/vulnerability/3974c5c3-887e-46bd-aad7-4f3169bff6de/