Cross-Site Request Forgery Vulnerability in GlobalQuran by ibasit
CVE-2025-25143

4.3MEDIUM

Key Information:

Vendor: Ibasit
Status: Globalquran
Vendor: CVE Published:; 7 February 2025

Summary

A Cross-Site Request Forgery (CSRF) vulnerability exists in the GlobalQuran plugin developed by ibasit. This flaw allows attackers to manipulate user settings without authorization, affecting versions from an unspecified release up to 1.0. It is crucial for users to ensure their installations are up-to-date and implement security measures to mitigate potential exploits.

Affected Version(s)

GlobalQuran <= 1.0

References

https://patchstack.com/database/wordpress/plugin/globalqu...

vdb-entry

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 7, 2025
Vulnerability Reserved
Feb 3, 2025

Credit

0xd4rk5id3 (Patchstack Alliance)