CVE-2025-53338
BaseFortify
Publication date: 2025-06-27
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-352 | The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Cross-Site Request Forgery (CSRF) issue in the WordPress re.place plugin versions up to 0.2.1. It allows an attacker to trick authenticated users with higher privileges into performing unwanted actions on the site without their consent. This can lead to Stored Cross-Site Scripting (XSS) attacks, compromising the site's integrity. Exploitation does not require the attacker to be authenticated. [1]
How can this vulnerability impact me? :
The vulnerability can impact you by allowing attackers to execute unauthorized actions on your WordPress site if a privileged user is tricked into performing them. This can compromise site integrity, potentially leading to stored XSS attacks, data manipulation, or other malicious activities. Since exploitation requires no authentication, it increases the risk of opportunistic automated attacks. There is currently no official patch, so mitigation relies on virtual patching and professional incident response if compromise is suspected. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves monitoring for suspicious CSRF attack patterns targeting the re.place plugin up to version 0.2.1. Since no official patch or signature-based detection is available, users are advised to perform server-side malware scanning and seek professional incident response if compromise is suspected. Plugin-based malware scanners are often unreliable. Specific commands are not provided in the resources. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying virtual patching (vPatching) to block exploitation attempts, restricting access to the vulnerable plugin, and monitoring for suspicious activity. Since no official patch is available, users should consider disabling the plugin if possible and seek professional incident response and server-side malware scanning if compromise is suspected. [1]