CSRF Vulnerability in Vimeotheque by Constantin Boiangiu
CVE-2025-68584

Currently unrated

Key Information:

Vendor

WordPress
Status
Vimeotheque
Vendor
CVE Published:
24 December 2025

What is CVE-2025-68584?

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Vimeotheque plugin by Constantin Boiangiu. This security flaw enables attackers to trick authenticated users into executing unwanted actions on the web application without their consent. Affected versions include up to 2.3.5.2. It is crucial for users of the Vimeotheque plugin to update to the latest version to safeguard their sites from potential exploitation.

Affected Version(s)

Vimeotheque <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Plugin/code...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Nabil Irawan | Patchstack Bug Bounty Program
JSON
.
CVE-2025-68584 : CSRF Vulnerability in Vimeotheque by Constantin Boiangiu