CVE-2025-52789
BaseFortify
Publication date: 2025-06-20
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-352 | The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Cross-Site Request Forgery (CSRF) issue in the Lewe ChordPress WordPress plugin (versions up to 3.9.7). It allows an attacker to trick authenticated users with higher privileges into performing unauthorized actions, which can lead to stored Cross-Site Scripting (XSS) attacks. Essentially, an attacker can exploit this flaw to inject malicious scripts that persist on the site, potentially compromising user data or site integrity. [1]
How can this vulnerability impact me? :
If exploited, this vulnerability can allow attackers to execute unauthorized actions on behalf of privileged users, leading to stored XSS attacks. This can result in the compromise of user accounts, theft of sensitive information, defacement of the website, or further exploitation of the site. Although the risk is considered low and exploitation unlikely, it can still impact the security and trustworthiness of your website. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection involves monitoring for unauthorized actions triggered by CSRF attacks and signs of stored XSS in the Lewe ChordPress plugin up to version 3.9.7. Since no official patch or signature-based detection commands are provided, it is recommended to perform server-side malware scanning and professional incident response to identify compromise. Plugin-based scanners are not reliable as they can be tampered with by malware. Specific commands are not provided in the resources. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying virtual patching (vPatching) offered by Patchstack, which auto-mitigates the vulnerability without performance loss even in the absence of an official fix. Users should monitor their systems closely and consider professional incident response and server-side malware scanning if compromise is suspected. Since no official patch is available, relying on vPatching and protective measures is advised. [1]