CVE-2025-12535 | SureForms Plugin up to 1.13.1 on WordPress REST API Endpoint wp_rest cross-site request forgery

November 18, 2025 Yanac

A vulnerability, which was classified as problematic, was found in SureForms Plugin up to 1.13.1 on WordPress. Affected by this issue is the function wp_rest of the component REST API Endpoint. Such manipulation leads to cross-site request forgery.

This vulnerability is traded as CVE-2025-12535. The attack may be launched remotely. There is no exploit available.VulDB Recent EntriesRead More