What is CVE-2025-14630 — CSRF in AdminQuickbar WordPress Plugin?

CVE-2025-14630 is a Cross-Site Request Forgery (CSRF) vulnerability in the AdminQuickbar WordPress plugin, allowing attackers to modify settings and post titles if they can trick an administrator into clicking a malicious link.

Am I affected by CVE-2025-14630 in AdminQuickbar WordPress Plugin?

Yes, if you are using AdminQuickbar plugin versions 1.0.0 through 1.9.3, you are affected by this vulnerability.

How do I fix CVE-2025-14630 in AdminQuickbar WordPress Plugin?

Upgrade the AdminQuickbar plugin to version 1.9.4 or later to resolve this vulnerability. Consider temporary workarounds if immediate upgrade is not possible.

Is CVE-2025-14630 being actively exploited?

There are currently no known active exploits, but the vulnerability's nature suggests potential for future exploitation.

Where can I find the official AdminQuickbar advisory for CVE-2025-14630?

Refer to the AdminQuickbar plugin's official website or WordPress plugin repository for the latest advisory and update information.

CVE-2025-14630 — Vulnerability Details

NEXTGUARD

Escanear grátis

CVE-2025-14630 — Vulnerability Details | NextGuard

Passos de Detecçãotraduzindo…

• wordpress / plugin:

wp plugin list | grep AdminQuickbar

• wordpress / plugin: Check the version number of the AdminQuickbar plugin. Versions prior to 1.9.4 are vulnerable. • wordpress / plugin: Examine the plugin's code for missing or incorrect nonce validation in the 'saveSettings' and 'renamePost' AJAX actions. Look for instances where user input is processed without proper verification. • generic web: Monitor server access logs for suspicious requests originating from unfamiliar sources targeting the plugin's AJAX endpoints (e.g., wp-admin/admin-ajax.php).

AdminQuickbar <= 1.9.3 - Cross-Site Request Forgery para Atualização de Configurações

Impacto e Cenários de Ataquetraduzindo…

Contexto de Exploraçãotraduzindo…

Quem Está em Riscotraduzindo…

Passos de Detecçãotraduzindo…

Linha do Tempo do Ataque

Inteligência de Ameaças

Software Afetado

Classificação de Fraqueza (CWE)

Linha do tempo

Mitigação e Soluções Alternativastraduzindo…

Como corrigir

Boletim de Segurança CVE

Perguntas frequentestraduzindo…

What is CVE-2025-14630 — CSRF in AdminQuickbar WordPress Plugin?

Am I affected by CVE-2025-14630 in AdminQuickbar WordPress Plugin?

How do I fix CVE-2025-14630 in AdminQuickbar WordPress Plugin?

Is CVE-2025-14630 being actively exploited?

Where can I find the official AdminQuickbar advisory for CVE-2025-14630?

Seu projeto está afetado?

Detecte esta CVE no seu projeto