What is CVE-2025-62866 — CSRF in Auto Alt Text WordPress Plugin?

CVE-2025-62866 is a Cross-Site Request Forgery (CSRF) vulnerability in the Auto Alt Text WordPress plugin, allowing attackers to perform unauthorized actions if a user clicks a malicious link.

Am I affected by CVE-2025-62866 in Auto Alt Text WordPress Plugin?

You are affected if you are using Auto Alt Text version 0.0.0 through 2.5.2. Check your plugin version and upgrade immediately if vulnerable.

How do I fix CVE-2025-62866 in Auto Alt Text WordPress Plugin?

Upgrade the Auto Alt Text plugin to version 2.5.3 or later to resolve the vulnerability. Consider implementing CSP and WAF rules as additional protection.

Is CVE-2025-62866 being actively exploited?

There is no confirmed active exploitation of CVE-2025-62866 at this time, but the vulnerability is publicly known and could be targeted.

Where can I find the official Auto Alt Text advisory for CVE-2025-62866?

Refer to the Auto Alt Text plugin's official website or WordPress plugin repository for the latest advisory and update information.

CVE-2025-62866 — Vulnerability Details

NEXTGUARD

Escanear grátis

CVE-2025-62866 — Vulnerability Details | NextGuard

Passos de Detecçãotraduzindo…

• wordpress / composer / npm:

grep -r 'wp_nonce_url' /var/www/html/wp-content/plugins/auto-alt-text/

• generic web:

curl -I https://example.com/wp-content/plugins/auto-alt-text/ | grep -i 'referer'

Plugin WordPress Auto Alt Text <= 2.5.2 - Vulnerabilidade Cross Site Request Forgery (CSRF)

Impacto e Cenários de Ataquetraduzindo…

Contexto de Exploraçãotraduzindo…

Quem Está em Riscotraduzindo…

Passos de Detecçãotraduzindo…

Linha do Tempo do Ataque

Inteligência de Ameaças

Software Afetado

Classificação de Fraqueza (CWE)

Linha do tempo

Mitigação e Soluções Alternativastraduzindo…

Como corrigir

Boletim de Segurança CVE

Perguntas frequentestraduzindo…

What is CVE-2025-62866 — CSRF in Auto Alt Text WordPress Plugin?

Am I affected by CVE-2025-62866 in Auto Alt Text WordPress Plugin?

How do I fix CVE-2025-62866 in Auto Alt Text WordPress Plugin?

Is CVE-2025-62866 being actively exploited?

Where can I find the official Auto Alt Text advisory for CVE-2025-62866?

Informações do pacote

Seu projeto está afetado?

Detecte esta CVE no seu projeto