Medium severity6.5NVD Advisory· Published Jan 2, 2026· Updated Apr 15, 2026
CVE-2025-12685
CVE-2025-12685
Description
The WPBookit WordPress plugin through 1.0.7 lacks a CSRF check when deleting customers. This could allow an unauthenticated attacker to delete any customer through a CSRF attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.