High severity7.1NVD Advisory· Published Jan 31, 2025· Updated Apr 28, 2026

CVE-2025-24749

Description

Cross-Site Request Forgery (CSRF) vulnerability in Overt Software Solutions LTD EZPZ SAML SP Single Sign On (SSO) allows Cross Site Request Forgery. This issue affects EZPZ SAML SP Single Sign On (SSO): from n/a through 1.2.5.

Affected products

WordPress/Ezpz Spinferred
Range: <=1.2.5
Package: https://wordpress.org/plugins/ezpz-sp

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

patchstack.com/database/wordpress/plugin/ezpz-sp/vulnerability/wordpress-ezpz-saml-sp-single-sign-on-sso-plugin-1-2-5-csrf-to-stored-xss-vulnerabilitynvd

News mentions

No linked articles in our index yet.

cvss	0.461
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000