{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-25T06:17:33.322","vulnerabilities":[{"cve":{"id":"CVE-2025-24749","sourceIdentifier":"audit@patchstack.com","published":"2025-01-31T09:15:11.760","lastModified":"2026-06-17T08:59:32.703","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-Site Request Forgery (CSRF) vulnerability in Overt Software Solutions LTD EZPZ SAML SP Single Sign On (SSO) allows Cross Site Request Forgery. This issue affects EZPZ SAML SP Single Sign On (SSO): from n/a through 1.2.5."},{"lang":"es","value":"La vulnerabilidad Cross-Site Request Forgery (CSRF) en Overt Software Solutions LTD EZPZ SAML SP Single Sign On (SSO) permite Cross Site Request Forgery. Este problema afecta al inicio de sesión único (SSO) de EZPZ SAML SP: desde n/a hasta 1.2.5."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"Overt Software Solutions LTD","product":"EZPZ SAML SP Single Sign On (SSO)","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"ezpz-sp","versions":[{"version":"n/a","lessThanOrEqual":"1.2.5","versionType":"custom","status":"affected","changes":[{"at":"1.2.6","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-31T15:26:40.376149Z","id":"CVE-2025-24749","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-352"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/ezpz-sp/vulnerability/wordpress-ezpz-saml-sp-single-sign-on-sso-plugin-1-2-5-csrf-to-stored-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}}]}