Cross-Site Request Forgery Vulnerability in Mass Custom Fields Manager by Oren Yomtov
CVE-2025-23430
7.1HIGH
What is CVE-2025-23430?
A Cross-Site Request Forgery (CSRF) vulnerability exists in the Mass Custom Fields Manager plugin developed by Oren Yomtov. This security flaw permits malicious actors to exploit the plugin, potentially leading to reflected Cross-Site Scripting (XSS) attacks. Affected versions range from n/a to 1.5, putting users at risk of unauthorized actions being taken without user consent. It is crucial for administrators using this plugin to apply necessary patches and updates to mitigate these vulnerabilities.
Affected Version(s)
Mass Custom Fields Manager <= 1.5