CVE-2025-12358 | ShopEngine Plugin up to 4.8.5 on WordPress Wishlist post_add_to_list cross-site request forgery

A vulnerability classified as problematic was found in ShopEngine Plugin up to 4.8.5 on WordPress. Impacted is the function post_add_to_list of the component Wishlist Handler. The manipulation results in cross-site request forgery.

This vulnerability is reported as CVE-2025-12358. The attack can be launched remotely. No exploit exists.VulDB Recent EntriesRead More