CVE-2025-53345
Missing Authorization in Thim Core Plugin
Publication date: 2026-06-02
Last updated on: 2026-06-02
Assigner: Patchstack
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| thimpress | thim_core | From 2.3.0 (inc) to 2.3.3 (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-53345 is a Missing Authorization vulnerability (CWE-862) in the ThimPress Thim Core plugin for WordPress. The advisory text covers versions 2.3.3 and below; the affected-products table above lists the range 2.3.0 through 2.3.3 inclusive. An authenticated user holding only subscriber-level access can reach plugin functionality that should require higher privileges and, through it, execute arbitrary code on the site. The bar for exploitation is therefore low: any account a site hands out freely (for example through open registration) is enough.
The weakness maps to OWASP Top 10 (2021) A01: Broken Access Control. The plugin performs an action on behalf of the caller without first checking that the caller is authorized to perform it.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
Because a low-privilege account can execute arbitrary code on the site, the integrity of the site and the confidentiality of any data it stores can no longer be guaranteed once the flaw is exploited.
Regulations such as GDPR and HIPAA require effective access controls and protection of sensitive data, so a site that processes personal or health data and is running an affected version should treat the issue as a control failure that may need to be assessed and, after exploitation, reported.
The information on this page does not describe the direct effect on compliance with any particular regulation; that assessment depends on what data the site handles.
How can this vulnerability impact me?
If an attacker holds, or can register, a subscriber-level account on your site, this vulnerability lets them execute arbitrary code on the web server. That is effectively a full compromise of the WordPress installation, and typically of everything else served by the same PHP process. Likely consequences:
- Potential takeover or defacement of the website.
- Injection of malicious scripts or malware.
- Loss of control over website content and functionality.
- Increased risk of data breaches or further exploitation.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
First establish exposure: check the installed Thim Core version in the WordPress admin Plugins page or with WP-CLI (`wp plugin list`). Any version at or below 2.3.3 should be treated as affected.
To spot exploitation attempts, review web server access logs for requests that target the Thim Core plugin (requests to files under its plugin directory, or admin-ajax/admin-post actions belonging to it) and correlate them with the accounts that made them; activity of this kind from subscriber-level accounts, or from clients that log in and immediately hit plugin endpoints, is the pattern to look for. Also review the site for unexpected administrator accounts, modified plugin or theme files, and new PHP files in upload directories, which are the usual signs that code execution has already happened.
Patchstack has provided a temporary mitigation rule to block attacks; its logs, or those of any other WAF in front of the site, are an additional source of detection.
No specific commands or detection scripts are provided in the available resources.
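The following script is an added example, not code from this page, from Patchstack or from ThimPress. It implements the two checks described above: whether an installed version falls in the range the page marks as affected (read from the plugin file header), and which access-log requests touch the plugin at all so they can be tied back to the accounts behind them. It assumes the plugin lives under wp-content/plugins/thim-core/ and that the web server writes the Apache/Nginx "combined" log format; the page names no specific AJAX actions, so the scan keys on the plugin path and on any admin action whose name contains "thim". The log lines and plugin header in the block are constructed samples.

```python
"""
Added example for CVE-2025-53345 (not from the advisory, Patchstack or ThimPress).
Checks: (1) is the installed Thim Core version in the affected range,
(2) which access-log requests touch the plugin, grouped by client IP.
"""
import re
from collections import Counter
from urllib.parse import parse_qs, urlsplit

# The page's table lists 2.3.0 to 2.3.3 inclusive; its text says "2.3.3 and
# below", so the conservative rule is: anything <= 2.3.3 needs attention.
LAST_AFFECTED = (2, 3, 3)

PLUGIN_DIR = "/wp-content/plugins/thim-core/"   # assumed plugin slug
STATIC_EXT = (".css", ".js", ".png", ".jpg", ".jpeg", ".gif", ".svg",
              ".woff", ".woff2", ".ttf", ".map")  # normal front-end traffic


def parse_version(version: str) -> tuple:
    """'2.3.3' -> (2, 3, 3); short versions are padded with zeros."""
    parts = [int(p) for p in re.findall(r"\d+", version)[:3]]
    return tuple(parts + [0] * (3 - len(parts)))


def is_affected_version(version: str) -> bool:
    return parse_version(version) <= LAST_AFFECTED


def version_from_plugin_header(header_text: str):
    """Read the 'Version:' line of a WordPress plugin file header."""
    m = re.search(r"^\s*\*?\s*Version:\s*(\S+)", header_text, re.M)
    return m.group(1) if m else None


# Apache/Nginx "combined" log format (assumed).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"')


def classify(method: str, target: str):
    """Return a reason if the request is worth a closer look, else None."""
    url = urlsplit(target)
    path = url.path
    if path.startswith(PLUGIN_DIR):
        if path.lower().endswith(STATIC_EXT):
            return None                        # theme assets, expected
        return "direct request to plugin file"
    if path.endswith(("/wp-admin/admin-ajax.php", "/wp-admin/admin-post.php")):
        # Caveat: POST bodies are not logged, so an action sent only in the
        # body is invisible here; a WAF rule is the place to catch that.
        action = parse_qs(url.query).get("action", [""])[0]
        if "thim" in action.lower():
            return f"{method} admin action {action!r}"
    return None


def scan_access_log(lines):
    """Return a list of hits: {ip, method, target, status, reason}."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue                           # unparseable line, skip
        reason = classify(m["method"], m["target"])
        if reason:
            hits.append({"ip": m["ip"], "method": m["method"],
                         "target": m["target"], "status": int(m["status"]),
                         "reason": reason})
    return hits


def hits_per_ip(hits):
    return Counter(h["ip"] for h in hits)


# Constructed samples (not real traffic; the action name is made up).
SAMPLE_HEADER = "<?php\n/**\n * Plugin Name: Thim Core\n * Version: 2.3.3\n */\n"
SAMPLE_LOG = [
    '203.0.113.5 - - [02/Jun/2026:10:00:01 +0000] "GET /wp-login.php HTTP/1.1" 200 1234 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [02/Jun/2026:10:00:02 +0000] "GET /wp-content/plugins/thim-core/assets/css/main.css HTTP/1.1" 200 8100 "https://example.test/" "Mozilla/5.0"',
    '203.0.113.5 - - [02/Jun/2026:10:00:03 +0000] "POST /wp-admin/admin-ajax.php?action=thim_core_example HTTP/1.1" 200 55 "-" "python-requests/2.31"',
    '203.0.113.5 - - [02/Jun/2026:10:00:04 +0000] "GET /wp-content/plugins/thim-core/inc/example.php HTTP/1.1" 500 0 "-" "python-requests/2.31"',
    '203.0.113.9 - - [02/Jun/2026:10:00:05 +0000] "POST /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 40 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    ver = version_from_plugin_header(SAMPLE_HEADER)
    print(f"Thim Core {ver}: affected={is_affected_version(ver)}")
    found = scan_access_log(SAMPLE_LOG)
    for h in found:
        print(f"{h['ip']} {h['method']} {h['target']} -> {h['status']} ({h['reason']})")
    print("hits per IP:", dict(hits_per_ip(found)))
```

On a live site, replace SAMPLE_HEADER with the contents of the plugin's main PHP file and SAMPLE_LOG with the access log; the IPs the scan surfaces can then be matched against the login records of subscriber-level accounts. Static assets under the plugin directory are deliberately ignored, since every page view loads them.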
What immediate steps should I take to mitigate this vulnerability?
Update the Thim Core plugin to a fixed version as soon as one is available; that is the only complete fix.
As of the report date no official patch is available, so apply the temporary mitigation rule provided by Patchstack to block attack traffic in the meantime. If the plugin is not needed, deactivating it removes the exposure entirely.
Because exploitation requires a subscriber-level account, reduce who can obtain one: disable open registration (Settings > General, "Anyone can register") unless it is required, review existing subscriber accounts and remove any that are unexpected, and monitor the access logs and plugin activity for the signs described above.
If you do not manage the site yourself, ask your hosting provider or developer to implement these mitigations.