National Cyber Warfare Foundation (NCWF)


Warning: Undefined array key "PeopleID" in /var/www/html/includes/libUser.php on line 492

CVE-2025-11257
0 user ratings		2025-10-03 00:00:00
milo
CVEs
 - archive -- 

CVE-2025-11257

Date: 2025-10-03

CVE Link

The LLM Hubspot Blog Import plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'process_save_blogs' AJAX endpoint in all versions up to, and including, 1.0.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to trigger an import of all Hubspot data.



References:


Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
CVEs


Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.