CVE-2025-55044
Status: Received - Intake
CSRF in MuraCMS Trash Restore Allows Unauthorized Content Restoration

Publication date: 2026-03-18

Last updated on: 2026-03-20

Assigner: MITRE

Description
The Trash Restore CSRF vulnerability in MuraCMS through 10.1.10 allows attackers to restore deleted content from the trash to unauthorized locations through CSRF. The vulnerable cTrash.restore function lacks CSRF token validation, so a malicious website can forge the restore request: when an authenticated administrator visits a crafted page, their browser automatically submits a hidden form that restores the specified content from the trash to a parent location chosen by the attacker through the parentid parameter.

Successful exploitation results in unauthorized restoration of deleted content to potentially inappropriate or malicious locations within the MuraCMS website structure: restoration of previously deleted malicious content, placement of sensitive documents in public areas, manipulation of the site's navigation structure, or restoration of outdated content that was intentionally removed for security or compliance reasons.
Affected Vendors & Products
Vendor          Product     Version / Range
murasoftware    mura_cms    *

The CPE range is unbounded; the description above limits the affected range to MuraCMS 10.1.10 and earlier.
CWE
CWE-352: The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
Executive Summary

The Trash Restore CSRF vulnerability in MuraCMS through version 10.1.10 allows attackers to restore deleted content from the trash to unauthorized locations by exploiting a lack of CSRF token validation in the cTrash.restore function.

When an authenticated administrator visits a malicious webpage, their browser automatically submits a hidden form that restores specified content from the trash to a location chosen by the attacker using the parentid parameter.

This means attackers can force the restoration of deleted content to arbitrary places within the website structure without the administrator's consent.

Impact Analysis

Exploitation of this vulnerability can lead to unauthorized restoration of deleted content to inappropriate or malicious locations within the MuraCMS website.

  • Restoration of previously deleted malicious content.
  • Placement of sensitive documents in publicly accessible areas.
  • Manipulation of the website's navigation structure.
  • Restoration of outdated content that was intentionally removed for security or compliance reasons.
Compliance Impact

This vulnerability can negatively impact compliance with standards such as GDPR and HIPAA by enabling unauthorized restoration and exposure of sensitive or protected content.

Restoring sensitive documents to public areas or retaining outdated content that was removed for compliance reasons may lead to data breaches or violations of data protection regulations.

Detection Guidance

Neither the advisory nor the CVE record describes a detection method; the indicators below follow from the mechanism described above.

A forged restore is a state-changing request to the cTrash.restore action that is issued by the administrator's own browser, so the source address, user agent and session are those of a legitimate admin and give nothing to alert on. What differs is where the browser says the request came from: a Sec-Fetch-Site header of cross-site, an Origin or Referer header belonging to another site, or none of those headers on a POST that a same-origin admin form would normally send them with (an attacker's page can suppress Referer with a referrer policy, but a browser still sends Sec-Fetch-Site and, on a cross-origin POST, Origin). Logging those request headers for the admin interface makes the check possible after the fact.

The other signal is the effect: content that reappears under a parentid nobody chose, restores of items that were removed for security or compliance reasons, or trash activity outside the administrator's working hours. Compare trash restore events against the content audit history where the installation keeps one.
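As an added example (not part of this CVE record and not Mura's code), the following Python script applies those indicators to constructed access-log lines. It assumes an extended log format that appends the Origin and Sec-Fetch-Site request headers to the combined format, and it assumes the restore request shows up with cTrash.restore as a query-string value under /admin/; the record names only the function, not its URL, so both are assumptions.

```python
import re
from urllib.parse import urlsplit

# Constructed sample log (not from a real Mura server). Format: combined log
# with the Origin and Sec-Fetch-Site request headers appended as key="value".
# The request shape (cTrash.restore as a muraAction query value under /admin/)
# is an assumption for illustration; the advisory names only the function.
SAMPLE_LOG = """\
203.0.113.7 - admin [18/Mar/2026:10:12:31 +0000] "POST /admin/?muraAction=cTrash.restore HTTP/1.1" 302 0 "https://cms.example/admin/?muraAction=cTrash.list" "Mozilla/5.0" origin="https://cms.example" sec_fetch_site="same-origin"
203.0.113.7 - admin [18/Mar/2026:10:14:02 +0000] "POST /admin/?muraAction=cTrash.restore HTTP/1.1" 302 0 "https://evil.example/restore.html" "Mozilla/5.0" origin="https://evil.example" sec_fetch_site="cross-site"
203.0.113.7 - admin [18/Mar/2026:10:15:45 +0000] "POST /admin/?muraAction=cTrash.restore HTTP/1.1" 302 0 "-" "Mozilla/5.0" origin="-" sec_fetch_site="-"
203.0.113.7 - admin [18/Mar/2026:10:16:10 +0000] "GET /admin/?muraAction=cTrash.list HTTP/1.1" 200 5120 "https://cms.example/admin/" "Mozilla/5.0" origin="-" sec_fetch_site="same-origin"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)" '
    r'origin="(?P<origin>[^"]*)" sec_fetch_site="(?P<sfs>[^"]*)"$'
)


def parse_line(line):
    """One log line -> dict of fields, or None if it does not match the format."""
    m = LINE_RE.match(line)
    return m.groupdict() if m else None


def origin_of(url):
    """scheme://host[:port] of a URL in lower case; None for '-', empty or unparseable."""
    if not url or url == "-":
        return None
    p = urlsplit(url)
    if not p.scheme or not p.netloc:
        return None
    return f"{p.scheme}://{p.netloc}".lower()


def classify(rec, site_origin, action="cTrash.restore"):
    """Verdict for one request: 'ignore', 'same-site', 'cross-site' or 'no-origin-info'.

    Only state-changing requests that invoke the restore action matter.
    Sec-Fetch-Site is checked first (set by the browser, cannot be suppressed by
    the attacker's page), then Origin (sent on cross-origin POSTs), then Referer
    (may be stripped by a referrer policy). A restore with none of the three is
    reported separately: legitimate admin form posts normally carry them.
    """
    if rec["method"] in ("GET", "HEAD", "OPTIONS") or action not in rec["target"]:
        return "ignore"
    sfs = rec["sfs"]
    if sfs == "cross-site":
        return "cross-site"
    if sfs in ("same-origin", "same-site"):
        return "same-site"
    site = site_origin.lower()
    for header_value in (rec["origin"], rec["referer"]):
        src = origin_of(header_value)
        if src is not None:
            return "same-site" if src == site else "cross-site"
    return "no-origin-info"


def scan(log_text, site_origin):
    """Return (timestamp, user, verdict, target) for every restore request
    that is not confirmed to come from the site itself."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        verdict = classify(rec, site_origin)
        if verdict in ("cross-site", "no-origin-info"):
            hits.append((rec["ts"], rec["user"], verdict, rec["target"]))
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG, "https://cms.example"):
        print(*hit)
```

Apache emits the two extra fields with `%{Origin}i` and `%{Sec-Fetch-Site}i` in a LogFormat; nginx exposes them as `$http_origin` and `$http_sec_fetch_site` in a log_format. The second sample line is the forged request, the third is a restore with no provenance at all, which deserves a look even though it proves nothing by itself.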

Mitigation Strategies

To mitigate the Trash Restore CSRF vulnerability in MuraCMS, the fix is server-side: the cTrash.restore function must require a per-session CSRF token on the restore request and reject any request that lacks a valid one. Restricting the administrative interface to trusted users and networks narrows who can be targeted but does not by itself block this attack, because the forged request is sent by an authenticated administrator's own browser from inside whatever perimeter applies.

Until a patch is available, administrators should avoid browsing untrusted sites in the same browser profile in which they are logged in to the Mura admin, and can consider temporarily disabling the trash restore functionality if the deployment permits it. Setting the admin session cookie's SameSite attribute to Lax or Strict also stops current browsers from attaching the cookie to a cross-site form POST, which defeats this class of forged request where the session cookie is the only credential.
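The token check described above, as an added Python example (not Mura's code, which is CFML, and not from the advisory): the vulnerable handler acts on the submitted fields alone, the hardened one requires a per-session synchronizer token and additionally refuses a request whose Origin or Referer belongs to another site. The field name contentid, the token name csrf_token and the in-memory trash are assumptions for illustration; only parentid comes from the advisory.

```python
import hmac
import secrets
from urllib.parse import urlsplit

CSRF_FIELD = "csrf_token"  # hypothetical name for both the form field and the session key


def issue_csrf_token(session):
    """Mint a per-session secret once. The admin UI embeds it as a hidden input
    in every state-changing form it renders, so only a form produced by this
    site can echo it back; a page on another origin cannot read it."""
    if CSRF_FIELD not in session:
        session[CSRF_FIELD] = secrets.token_urlsafe(32)
    return session[CSRF_FIELD]


def restore_vulnerable(form, trash, site_tree):
    """Pattern the advisory describes: the restore trusts the submitted fields
    alone, so a hidden form on any page the logged-in admin visits can drive it.
    'contentid' is a hypothetical field name; 'parentid' is the parameter the
    advisory names as attacker-controlled."""
    content_id = form.get("contentid")
    if content_id not in trash:
        return 404, "not in trash"
    item = trash.pop(content_id)
    item["parentid"] = form.get("parentid")  # destination chosen by whoever built the form
    site_tree[content_id] = item
    return 200, f"restored {content_id} under {item['parentid']}"


def _origin(url):
    """scheme://host[:port] in lower case, or None when the header is absent/unparseable."""
    p = urlsplit(url or "")
    return f"{p.scheme}://{p.netloc}".lower() if p.scheme and p.netloc else None


def restore_hardened(form, headers, session, trash, site_tree, site_origin):
    """Same operation behind a synchronizer-token check, plus an Origin/Referer
    check as defence in depth (a leaked token is still useless when the browser
    reports another site as the source). compare_digest keeps the token
    comparison constant-time."""
    expected = session.get(CSRF_FIELD)
    supplied = form.get(CSRF_FIELD, "")
    if not expected or not hmac.compare_digest(expected.encode(), supplied.encode()):
        return 403, "csrf token missing or invalid"
    src = _origin(headers.get("Origin") or headers.get("Referer"))
    if src is not None and src != site_origin.lower():
        return 403, "cross-origin request refused"
    return restore_vulnerable(form, trash, site_tree)


def fresh_state():
    """Constructed trash (one item deleted from a private section) and an empty site tree."""
    return {"c1": {"title": "Internal report", "parentid": "private-area"}}, {}


if __name__ == "__main__":
    session = {}
    token = issue_csrf_token(session)
    forged = {"contentid": "c1", "parentid": "public-area"}  # what a hidden CSRF form submits
    print(restore_vulnerable(forged, *fresh_state()))
    print(restore_hardened(forged, {"Origin": "https://evil.example"}, session, *fresh_state(), "https://cms.example"))
    print(restore_hardened({**forged, CSRF_FIELD: token}, {"Origin": "https://cms.example"}, session, *fresh_state(), "https://cms.example"))
```

The token check alone is what closes CWE-352; the origin check costs nothing extra and also covers the interim period in which some admins still have pre-fix forms cached. Neither check replaces the SameSite cookie attribute, which belongs on the session cookie regardless.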
