FuseWP – WordPress User Sync to Email List & Marketing Automation (Mailchimp, Constant Contact, ActiveCampaign etc.)

Vulnerabilities 2Slug fusewpLatest version 1.1.25.2WordPress.org →

Minimum safe version

1.1.23.1

Update to 1.1.23.1 or later to address 2 fixable vulnerabilities

Latest available1.1.25.2
Medium 4.3
2025-10-31< 1.1.23.1

CVE-2025-11975

CVEWordfence
Medium 4.3
2025-10-28< 1.1.23.1

WordPress FuseWP – WordPress User Sync to Email List & Marketing Automation Plugin <= 1.1.23.0 is vulnerable to Cross Site Request Forgery (CSRF)

PatchstackCVEEUVDWordfence