{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-12402", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-10-28T14:28:21.667Z", "datePublished": "2025-11-04T04:27:19.651Z", "dateUpdated": "2026-04-08T17:05:11.637Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:05:11.637Z"}, "affected": [{"vendor": "bondnono", "product": "LinkedIn Resume", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.00", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The LinkedIn Resume plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.00. This is due to missing or incorrect nonce validation on the linkedinresume_printAdminPage() function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "title": "LinkedIn Resume <= 2.00 - Cross-Site Request Forgery to Stored Cross-Site Scripting", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/87efa10d-d359-4258-9db2-811d5ae75c60?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/linkedin-resume/tags/2.00/linkedinresume.php#L243"}, {"url": "https://plugins.trac.wordpress.org/browser/linkedin-resume/tags/2.00/linkedinresume.php#L245"}, {"url": "https://plugins.trac.wordpress.org/browser/linkedin-resume/tags/2.00/linkedinresume.php#L259"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "cweId": "CWE-352", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "baseScore": 6.1, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "JohSka"}], "timeline": [{"time": "2025-11-03T15:38:09.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-11-04T15:52:09.544560Z", "id": "CVE-2025-12402", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-04T15:52:16.797Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-12402", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-11-04T15:52:09.544560Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-04T15:52:13.801Z"}}], "cna": {"title": "LinkedIn Resume <= 2.00 - Cross-Site Request Forgery to Stored Cross-Site Scripting", "credits": [{"lang": "en", "type": "finder", "value": "JohSka"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}}], "affected": [{"vendor": "bondnono", "product": "LinkedIn Resume", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "2.00"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-11-03T15:38:09.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/87efa10d-d359-4258-9db2-811d5ae75c60?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/linkedin-resume/tags/2.00/linkedinresume.php#L243"}, {"url": "https://plugins.trac.wordpress.org/browser/linkedin-resume/tags/2.00/linkedinresume.php#L245"}, {"url": "https://plugins.trac.wordpress.org/browser/linkedin-resume/tags/2.00/linkedinresume.php#L259"}], "descriptions": [{"lang": "en", "value": "The LinkedIn Resume plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.00. This is due to missing or incorrect nonce validation on the linkedinresume_printAdminPage() function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-352", "description": "CWE-352 Cross-Site Request Forgery (CSRF)"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2025-11-04T04:27:19.651Z"}}}, "cveMetadata": {"cveId": "CVE-2025-12402", "state": "PUBLISHED", "dateUpdated": "2025-11-04T15:52:16.797Z", "dateReserved": "2025-10-28T14:28:21.667Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-11-04T04:27:19.651Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The LinkedIn Resume plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.00. This is due to missing or incorrect nonce validation on the linkedinresume_printAdminPage() function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "id": "CVE-2025-12402", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-11-04T05:16:12.567", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/linkedin-resume/tags/2.00/linkedinresume.php#L243"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/linkedin-resume/tags/2.00/linkedinresume.php#L245"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/linkedin-resume/tags/2.00/linkedinresume.php#L259"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/87efa10d-d359-4258-9db2-811d5ae75c60?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T11:46:45.803615+00:00", "value": {"mitigation_remediation": ["Update LinkedIn Resume to the latest version (if greater than 2.00 exists) or uninstall the plugin entirely.", "If an update is not available, patch the plugin by adding proper nonce verification or by disabling the linkedinresume_printAdminPage() function so that it no longer processes incoming requests.", "Restrict administrator access to trusted IP addresses, enable two\u2011factor authentication, and monitor for unfamiliar changes to plugin settings to detect potential covert exploitation."], "summary": {"action": "Apply patch", "impact": "Stored cross\u2011site scripting"}, "threat_synthesis": {"affected_systems": "Any WordPress site running the LinkedIn Resume plugin version 2.00 or earlier. The affected vendor is bondnono and the product name is LinkedIn Resume.", "description_and_impact": "The LinkedIn Resume plugin for WordPress contains a missing or incorrect nonce check in the linkedinresume_printAdminPage() function. This flaw allows an attacker, without authentication, to issue a forged request that updates the plugin\u2019s settings and stores a malicious script. That stored script is then executed when a site administrator visits the affected admin page, enabling cross\u2011site scripting in the context of privileged users and potentially allowing disclosure of sensitive data, defacement, or session hijacking. The underlying weakness is identified as Cross\u2011Site Request Forgery (CWE\u2011352).", "risk_and_exploitability": "The CVSS score of 6.1 indicates a moderate severity. The EPSS score of less than 1% suggests a very low exploitation probability, and the vulnerability is not listed in the CISA KEV catalog. Attackers must convince a site administrator to click a malicious link or otherwise trigger the forged request, but once the request is sent, the stored script is automatically executed. While the likelihood of exploitation is low, the impact on an administrator\u2019s session can be significant once executed, making it important to mitigate as soon as possible."}}}}, "created": "2025-11-04T16:33:09.708566+00:00", "updated": "2026-04-22T12:00:05.919147+00:00", "vendors": ["bondnono", "bondnono$PRODUCT$linkedin_resume", "wordpress", "wordpress$PRODUCT$wordpress"]}