Cross-Site Request Forgery Vulnerability in Social Ink Custom Post Type Lockdown
CVE-2025-23530
8.8HIGH
What is CVE-2025-23530?
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Custom Post Type Lockdown plugin developed by Social Ink. This security flaw allows attackers to perform actions on behalf of authenticated users without their consent, potentially leading to privilege escalation. The vulnerability affects all versions of the plugin up to 1.11, emphasizing the need for immediate updates to ensure site integrity and protect user data. Website administrators need to address this issue promptly to mitigate associated risks.
Affected Version(s)
Custom Post Type Lockdown <= 1.11