Code Injection Vulnerability in WordPress Plugin
CVE-2025-49785

Currently unrated

Key Information:

Vendor: WordPress
Status: WordPress Plugin
Vendor: CVE Published:; 11 June 2025

What is CVE-2025-49785?

A vulnerability has been identified in a WordPress plugin that allows for code injection, potentially enabling attackers to execute arbitrary code on vulnerable systems. This can compromise the integrity and confidentiality of the site, leading to unauthorized access and malicious activities. It's crucial for users to update their installations and apply security patches to mitigate the risk associated with this vulnerability.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 11, 2025