CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-4580

The File Provider WordPress plugin through 1.2.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 1.5%

CVSS Severity

CVSS v3 Score 4.3

References

https://wpscan.com/vulnerability/8741353a-2a7f-4dee-b62d-7f5fe435f1a1/

Products affected by CVE-2025-4580

Dimdavid » File Provider » Version: Any

cpe:2.3:a:dimdavid:file_provider:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-4580

Products

Pricing

Contact Us