CVE-2025-7965

Publication date

2025-08-11 06:00:02

Family

WPScan

State

PUBLISHED

Description

The CBX Restaurant Booking WordPress plugin through 1.2.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack