CVE-2023-25976

MEDIUM

CRM Perks Integration for Contact Form 7 and Zoho CRM, Bigin <= 1.2.2 - Cross-Site Request Forgery

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-25976. PoCs published by yaudahbanh.

AI-analyzed exploit summary The repository contains a collection of README files describing various WordPress plugin vulnerabilities, including CVE-2023-25976, which is a CSRF vulnerability in the 'Integration for Contact Form 7 and Zoho CRM, Bigin Plugin'. The descriptions are technical but lack exploit code or detailed analysis.

Description

Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Contact Form 7 and Zoho CRM, Bigin plugin <= 1.2.2 versions.

Exploits (1)

github WRITEUP
by yaudahbanh · poc
https://github.com/yaudahbanh/CVE-Archive/tree/main/CVE-2023-25976

The repository contains a collection of README files describing various WordPress plugin vulnerabilities, including CVE-2023-25976, which is a CSRF vulnerability in the 'Integration for Contact Form 7 and Zoho CRM, Bigin Plugin'. The descriptions are technical but lack exploit code or detailed analysis.

Classification
Writeup 90%
Attack Type
Csrf
Complexity
Moderate
Reliability
Theoretical
Target: WordPress Integration for Contact Form 7 and Zoho CRM, Bigin Plugin <= 1.2.2
Auth required
Prerequisites: Admin or high-privileged user session
devstral-2 · analyzed Feb 27, 2026 Full analysis →

References (1)

Core 1

Scores

CVSS v3 4.3
EPSS 0.0026
EPSS Percentile 16.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Details

CWE
CWE-352
Status published
Products (2)
CRM Perks/Integration for Contact Form 7 and Zoho CRM, Bigin < 1.2.2
crmperks/integration_for_contact_form_7_and_zoho_crm\,_bigin < 1.2.2
Published May 26, 2023
Tracked Since Feb 18, 2026