First published: Fri Jan 24 2025(Updated: )
Cross-Site Request Forgery (CSRF) vulnerability in Epsiloncool WP Fast Total Search allows Cross Site Request Forgery. This issue affects WP Fast Total Search: from n/a through 1.78.258.
Credit: audit@patchstack.com
Affected Software | Affected Version | How to fix |
---|---|---|
WordPress WP Fast Total Search | <=1.78.258 | |
WP Fast Total Search | <=1.78.258 |
Update the WordPress WP Fast Total Search wordpress plugin to the latest available version (at least 1.79.262).
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2025-24572 is classified as a Cross-Site Request Forgery (CSRF) vulnerability with a potentially high severity due to its impact on user session integrity.
To fix CVE-2025-24572, update the Epsiloncool WP Fast Total Search plugin to the latest version beyond 1.78.258.
CVE-2025-24572 affects the Epsiloncool WP Fast Total Search plugin versions from n/a through 1.78.258.
Yes, CVE-2025-24572 can be exploited remotely as it allows an attacker to perform actions on behalf of authenticated users without their consent.
CVE-2025-24572 poses significant security risks as it compromises the integrity of user actions on WordPress sites that utilize the vulnerable plugin.