CVE-2025-10137 | Snow Monkey Theme Plugin up to 29.1.5 on WordPress server-side request forgery

September 26, 2025 Yanac

A vulnerability classified as critical was found in Snow Monkey Theme Plugin up to 29.1.5 on WordPress. The impacted element is an unknown function. Executing manipulation can lead to server-side request forgery.

This vulnerability appears as CVE-2025-10137. The attack may be performed from remote. There is no available exploit.VulDB Recent EntriesRead More

CVE-2025-10490 | Dylan James Zephyr Project Manager Plugin up to 3.3.202 on WordPress cross site scripting
CVE-2025-10307 | Backuply Plugin up to 1.4.8 on WordPress improper authorization