Cross-Site Request Forgery in Simple Keyword to Link by Alessandro Piconi
CVE-2025-68573

Currently unrated

Key Information:

Vendor

WordPress
Status
Simple Keyword To Link
Vendor
CVE Published:
24 December 2025

What is CVE-2025-68573?

A Cross-Site Request Forgery (CSRF) vulnerability exists in the Simple Keyword to Link plugin developed by Alessandro Piconi. This security flaw permits unauthorized actions to be performed on behalf of authenticated users without their consent. Specifically, this issue affects the Simple Keyword to Link plugin versions up to and including 1.5, potentially compromising user data and website integrity. It is crucial for administrators to evaluate their installations and apply necessary updates to mitigate this risk.

Affected Version(s)

Simple Keyword to Link <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Plugin/simp...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Nabil Irawan | Patchstack Bug Bounty Program
JSON
.
CVE-2025-68573 : Cross-Site Request Forgery in Simple Keyword to Link by Alessandro Piconi