WordPress WordPress Tooltips Plugin <= 8.2.5 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-25985
8.8HIGH
What is CVE-2023-25985?
A Cross-Site Request Forgery (CSRF) vulnerability exists in the WordPress Tooltips plugin developed by Tomas. This flaw can potentially allow an attacker to perform unauthorized actions on behalf of users without their consent, exploiting the trust that a web application has in the user's browser. Affected versions range from n/a up to 8.2.5, highlighting the need for users to update their plugins to mitigate the risk of exploitation.
Affected Version(s)
WordPress Tooltips <= 8.2.5