CVE-2025-58224: 
WordPress vulnerability analysis and mitigation

A Cross-Site Request Forgery (CSRF) vulnerability was discovered in Printeers Print & Ship WordPress plugin versions through 1.17.0. The vulnerability was reported on July 30, 2025, and publicly disclosed on September 22, 2025. This security issue affects all versions of the Printeers Print & Ship plugin up to and including version 1.17.0 (Patchstack).

The vulnerability has been assigned CVE-2025-58224 and received a CVSS v3.1 Base Score of 5.4 (Medium) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L. The issue is classified as CWE-352 (Cross-Site Request Forgery). The vulnerability can be exploited without authentication, requiring user interaction (Patchstack).

This vulnerability could allow malicious actors to force higher privileged users to execute unwanted actions under their current authentication. The severity is considered low, with potential impacts on integrity and availability being limited (Patchstack).

As of the disclosure date, no official fix is available for this vulnerability. The issue affects versions up to 1.17.0, and no patched version has been released (Patchstack).