cvemon logocvemon logo

Activity

Trending

CVEs

CVE-2025-25072

Published Feb 7, 2025

Last updated 5 days ago

  1. Overview

  2. Weaknesses

  3. Social media

  4. References

Overview

Description
Cross-Site Request Forgery (CSRF) vulnerability in thunderbax WP Admin Custom Page wp-admin-custom-page allows Stored XSS.This issue affects WP Admin Custom Page: from n/a through <= 1.5.0.
Source
audit@patchstack.com
NVD status
Deferred

Weaknesses

audit@patchstack.com
CWE-352

Social media

Hype score
Not currently trending
  1. CVE-2025-25072 (CVSS:7.1, HIGH) is Awaiting Analysis. Cross-Site Request Forgery (CSRF) vulnerability in thunderbax WP Admin Custom Page allows Stored XSS. This issue affects..https://t.co/JHGcm2nANM #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

    @cracbot

    12 Feb 2025

    28 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-25072 Cross-Site Request Forgery (CSRF) vulnerability in thunderbax WP Admin Custom Page allows Stored XSS. This issue affects WP Admin Custom Page: from n/a through 1.5.0. https://t.co/PEzXcy61zp

    @CVEnew

    7 Feb 2025

    410 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.

  • https://nvd.nist.gov/vuln/detail/CVE-2025-25072
  • https://patchstack.com/database/Wordpress/Plugin/wp-admin-custom-page/vulnerability/wordpress-wp-admin-custom-page-plugin-1-5-0-csrf-to-stored-xss-vulnerability?_s_id=cve
TRY INTRUDER
Intruder logo

© 2026 Intruder Systems Ltd.

AboutPrivacySitemapFeeds