CVE-2025-22704 – WordPress Signature plugin <= 0.1 - Cross Site Request Forgery ( CSRF ) vulnerability

https://notcve.org/view.php?id=CVE-2025-22704

31 Jan 2025 — Cross-Site Request Forgery (CSRF) vulnerability in Abinav Thakuri WordPress Signature allows Cross Site Request Forgery. This issue affects WordPress Signature: from n/a through 0.1. The WordPress Signature plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.1. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request gra... • https://patchstack.com/database/wordpress/plugin/wordpress-signature/vulnerability/wordpress-wordpress-signature-plugin-0-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •