CVE-2025-9890 | Theme Editor Plugin up to 3.0 on WordPress theme_editor_theme cross-site request forgery

October 18, 2025 Yanac

A vulnerability identified as problematic has been detected in Theme Editor Plugin up to 3.0 on WordPress. Affected is the function theme_editor_theme. The manipulation leads to cross-site request forgery.

This vulnerability is traded as CVE-2025-9890. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More

CVE-2025-11926 | Related Posts Lite Plugin up to 1.12 on WordPress Setting cross site scripting
CVE-2025-11256 | Kognetiks Chatbot Plugin up to 2.3.5 on WordPress Conversation improper authorization