Cross-Site Request Forgery in Aioseo Multibyte Descriptions by WordPress
CVE-2025-53327

4.3MEDIUM

Key Information:

Vendor: WordPress
Status: AiOSeo Multibyte Descriptions
Vendor: CVE Published:; 27 June 2025

What is CVE-2025-53327?

Aioseo Multibyte Descriptions, a plugin for WordPress, is susceptible to a Cross-Site Request Forgery (CSRF) vulnerability. This flaw allows an attacker to trick users into executing unwanted actions on a web application where they are authenticated. The vulnerability affects all versions up to 0.0.6, potentially leading to unauthorized changes to user settings or content without their consent.

Affected Version(s)

Aioseo Multibyte Descriptions <= 0.0.6

References

https://patchstack.com/database/wordpress/plugin/aioseo-m...

vdb-entry

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 27, 2025
Vulnerability Reserved
Jun 27, 2025

Credit

Chu The Anh (Blue Rock) (Patchstack Alliance)