CVE-2025-10745
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-26

Last updated on: 2025-09-26

Assigner: Wordfence

Description
The Banhammer – Monitor Site Traffic, Block Bad Users and Bots plugin for WordPress is vulnerable to Blocking Bypass in all versions up to, and including, 3.4.8. This is due to a site-wide “secret key” being deterministically generated from a constant character set using md5() and base64_encode() and then stored in the `banhammer_secret_key` option. This makes it possible for unauthenticated attackers to bypass the plugin’s logging and blocking by appending a GET parameter named `banhammer-process_{SECRET}` where `{SECRET}` is the predictable value, thereby causing Banhammer to abort its protections for that request.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-26
Last Modified
2025-09-26
Generated
2026-06-16
AI Q&A
2025-09-26
EPSS Evaluated
2026-06-15
NVD
CVE-2025-10745
EUVD
EUVD-2025-31209
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
jeff_starr banhammer 3.4.9
jeff_starr banhammer 3.4.8
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-330 The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Banhammer WordPress plugin where a site-wide secret key is generated in a predictable way using md5() and base64_encode(). Because the secret key is predictable, an unauthenticated attacker can bypass the plugin's logging and blocking features by appending a specially crafted GET parameter containing the secret key to their request. This causes the plugin to skip its protections for that request.

Impact Analysis

An attacker can bypass the Banhammer plugin's blocking and logging mechanisms, allowing malicious users or bots to access the site without being detected or blocked. This could lead to increased unwanted traffic, potential abuse, or exploitation of other vulnerabilities since the plugin's protections are effectively disabled for those requests.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-10745. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart