CVE-2025-13142 | Custom Post Type Plugin up to 1.0 on WordPress cross-site request forgery

November 21, 2025 Yanac

A vulnerability, which was classified as problematic, has been found in Custom Post Type Plugin up to 1.0 on WordPress. Impacted is an unknown function. The manipulation leads to cross-site request forgery.

This vulnerability is listed as CVE-2025-13142. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More

CVE-2025-11763 | Display Pages Shortcode Plugin up to 1.1 on WordPress column_count cross site scripting
CVE-2025-11770 | BrightTALK Shortcode Plugin up to 2.4.0 on WordPress format cross site scripting