CVE-2025-11976 | FuseWP Plugin up to 1.1.23.0 on WordPress save_changes cross-site request forgery

October 24, 2025 Yanac

A vulnerability labeled as problematic has been found in FuseWP Plugin up to 1.1.23.0 on WordPress. This issue affects the function save_changes. The manipulation results in cross-site request forgery.

This vulnerability is known as CVE-2025-11976. It is possible to launch the attack remotely. No exploit is available.VulDB Recent EntriesRead More

CVE-2025-12034 | Fast Velocity Minify Plugin up to 3.5.1 on WordPress Setting cross site scripting
CVE-2025-10580 | Widget Options Plugin up to 4.1.2 on WordPress cross site scripting