CVE-2025-10056

by Fred · 15/10/2025

The Task Scheduler plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.6.3 via the “Check Website” task. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.

More information : https://wordpress.org/plugins/task-scheduler/

CVE-2025-10056

Similar

Recent Posts

Categories

CVE-2025-10056

Share this:

Similar

Recent Posts

Categories

Tags