CVE-2025-12961 | Download Panel Plugin up to 1.3.3 on WordPress Setting dlpn_save_settings authorization

November 17, 2025 Yanac

A vulnerability marked as critical has been reported in Download Panel Plugin up to 1.3.3 on WordPress. Affected by this issue is the function dlpn_save_settings of the component Setting Handler. This manipulation causes missing authorization.

This vulnerability is tracked as CVE-2025-12961. The attack is possible to be carried out remotely. No exploit exists.VulDB Recent EntriesRead More