Custom CSS, JS & PHP, CVE-2025-39601
- CVE, Research URL
- Home page URL
- Application
- Published on
- Apr 16, 2025
- Research Description
- Cross-Site Request Forgery (CSRF) vulnerability in WPFactory Custom CSS, JS & PHP allows Remote Code Inclusion. This issue affects Custom CSS, JS & PHP: from n/a through 2.4.1.
- Affected versions
-
Min -, max 2.4.2.
- Status
-
vulnerable
| Previous vulnerability researches |
|---|
| Category Icon (CVE-2024-8915) , Oct 13, 2024 |
| Category Icon (CVE-2025-31825) , Apr 05, 2025 |