从这个网页截图中可以获取到以下关于漏洞的关键信息: CVE: CVE-2025-13145 CVSS Score: 7.2 (High) Publicly Published: November 18, 2025 Last Updated: November 19, 2025 Researchers: Dieu Link, GCSC Vietnam Software Type: Plugin Affected Version: <= 7.33.1 Patched Version: 7.34 Remediation: Update to version 7.34, or a newer patched version Vulnerability-Type: PHP Object Injection via CSV Import Description: - This vulnerability can be triggered when a malicious CSV file is imported by an authenticated user (admin or above). If an attacker tricks a user into importing a specially crafted CSV file, targeting the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. References: - plugins.trac.wordpress.org - plugins.trac.wordpress.org This information provides a comprehensive overview of the vulnerability, its impact, and how to mitigate it.