Filtered by vendor Themeisle
Subscriptions
Filtered by product Auto Featured Image
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-10145 | 2 Themeisle, Wordpress | 2 Auto Featured Image, Wordpress | 2026-01-16 | N/A |
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-7073. Reason: This candidate is a reservation duplicate of CVE-2023-7073. Notes: All CVE users should reference CVE-2023-7073 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | ||||
| CVE-2025-13794 | 2 Themeisle, Wordpress | 2 Auto Featured Image, Wordpress | 2025-12-16 | 4.3 Medium |
| The Auto Featured Image (Auto Post Thumbnail) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bulk_action_generate_handler function in all versions up to, and including, 4.2.1. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete or generate featured images on posts they do not own. | ||||
Page 1 of 1.