CVE-2025-52790
BaseFortify
Publication date: 2025-06-20
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-352 | The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-52790 is a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress WP-DownloadCounter plugin (versions up to 1.01). It allows attackers to trick authenticated users with higher privileges into executing unwanted actions on the site, which can lead to stored Cross-Site Scripting (XSS) attacks and compromise site security. The plugin is abandoned and has no official fix, making it vulnerable unless mitigated by virtual patching or replacement. [1]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing attackers to perform unauthorized actions on your WordPress site through CSRF, potentially leading to stored XSS attacks. This can compromise the security and integrity of your site, possibly resulting in data manipulation, unauthorized access, or further exploitation. Since the plugin is unmaintained and lacks official fixes, the risk remains unless you apply virtual patches or replace the plugin. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves identifying if the WP-DownloadCounter plugin version 1.01 or earlier is installed and active on your WordPress site. Since the vulnerability is a CSRF allowing Stored XSS, network detection is challenging without specific signatures. Plugin-based malware scanners may be unreliable. It is recommended to check the plugin version via WordPress admin or by running commands such as 'wp plugin list' using WP-CLI to identify the installed version. No specific network commands or signatures are provided for detection. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include deactivating the WP-DownloadCounter plugin, although this alone does not eliminate the threat. Since no official fix or updated version is available and the plugin is abandoned, it is strongly advised to replace the plugin with a maintained alternative. Applying a virtual patch (vPatch) provided by Patchstack can auto-mitigate the vulnerability rapidly. Seeking professional incident response is recommended if compromise is suspected. [1]