CVE-2025-24749

CVE-2025-24749 is a Cross-Site Request Forgery (CSRF) vulnerability, mapped to CWE-352, in the EZPZ SAML SP Single Sign On (SSO) WordPress plugin from Overt Software Solutions LTD. It affects all versions of the plugin from n/a through 1.2.5. The vulnerability carries a CVSS v3.1 base score of 7.1, with vector AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L, indicating network accessibility, low attack complexity, no required privileges, user interaction needed, changed scope, and low impacts across confidentiality, integrity, and availability.

An unauthenticated attacker can exploit this CSRF flaw remotely by tricking an authenticated user into submitting a malicious request, such as via a forged link or form on a malicious site. Exploitation requires user interaction but no special privileges, enabling the attacker to perform unauthorized actions on behalf of the victim within the affected WordPress site.

The Patchstack advisory (https://patchstack.com/database/wordpress/plugin/ezpz-sp/vulnerability/wordpress-ezpz-saml-sp-single-sign-on-sso-plugin-1-2-5-csrf-to-stored-xss-vulnerability?_s_id=cve) describes this as a CSRF-to-stored XSS vulnerability in EZPZ SAML SP Single Sign On (SSO) plugin version 1.2.5. Security practitioners should check for plugin updates or patches from the vendor and apply them promptly, while considering temporary mitigations like CSRF token enforcement or disabling the plugin if SAML SSO is not essential.