Cross-Site Request Forgery Vulnerability in David Shabtai Post Author Plugin
CVE-2025-28950
7.1HIGH
What is CVE-2025-28950?
A Cross-Site Request Forgery (CSRF) vulnerability in the David Shabtai Post Author plugin allows an attacker to execute malicious actions on behalf of an authenticated user. This can lead to Stored Cross-Site Scripting (XSS) attacks. The vulnerability affects versions from n/a through 1.1.1, posing significant risks for users who utilize this plugin in their WordPress installations.
Affected Version(s)
Post Author <= 1.1.1