CSRF Vulnerability in Advanced Classifieds & Directory Pro Plugin by Pluginsware
CVE-2025-68580
8.8HIGH
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 24 December 2025
What is CVE-2025-68580?
The Advanced Classifieds & Directory Pro plugin by Pluginsware is susceptible to a Cross-Site Request Forgery (CSRF) vulnerability. This issue enables an attacker to potentially perform unauthorized actions on behalf of an authenticated user without their consent. This flaw affects all versions up to and including 3.2.9, making any installation of this plugin at risk. Implementing proper validation and security measures is crucial to mitigate the impact of such vulnerabilities.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Advanced Classifieds & Directory Pro <= n/a
References
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Nabil Irawan | Patchstack Bug Bounty Program