CVE-2025-8682
BaseFortify
Publication date: 2025-10-11
Last updated on: 2025-10-14
Assigner: Wordfence
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wordpresstheme | ansar-import | * |
| wordpresstheme | newsup | 5.0.10 |
| wordpresstheme | newsup | 5.0.11 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in the Newsup WordPress theme allows unauthenticated attackers to install a plugin called ansar-import without proper authorization. This happens because the function newsup_admin_info_install_plugin() lacks a capability check, meaning it does not verify if the user has permission to install plugins. As a result, attackers can exploit this to install plugins via AJAX requests without being logged in or authorized. [2]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing unauthorized users to install potentially malicious plugins on your WordPress site using the Newsup theme. Such unauthorized plugin installations can lead to further compromise of your site, including data breaches, site defacement, or other malicious activities. It undermines the security of your WordPress installation by bypassing normal permission checks. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by checking if your WordPress installation is using the Newsup theme version 5.0.10 or earlier, which lacks proper capability checks for plugin installation. On the system, verify if the function newsup_admin_info_install_plugin() is present without user capability and nonce verification. Additionally, monitor for unauthorized AJAX requests to admin-ajax.php with the action install_act_plugin that do not include a valid nonce or come from unauthenticated users. Commands to check the theme version include: `wp theme list --status=active` to identify the active theme and its version, and inspecting the theme files for the presence or absence of nonce verification and capability checks in newsup-admin-plugin-install.php. Network monitoring tools can be used to detect suspicious POST requests to admin-ajax.php with action=install_act_plugin. [2]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to update the Newsup WordPress theme to version 5.0.11 or later, which includes security fixes such as nonce verification and user capability checks to prevent unauthorized plugin installations. If updating is not immediately possible, restrict access to the WordPress admin AJAX endpoint (admin-ajax.php) to authenticated and authorized users only, and consider disabling plugin installation capabilities for users who do not require them. Additionally, monitor and block suspicious AJAX requests attempting to install plugins without proper authorization. [2]