CVE-2025-53345
Deferred Deferred - Pending Action
Missing Authorization in Thim Core Plugin

Publication date: 2026-06-02

Last updated on: 2026-06-02

Assigner: Patchstack

Description
Missing Authorization vulnerability leading to code execution after installing malicious vulnerable plugin in ThimPress Thim Core. This issue affects Thim Core: from n/a through 2.3.3.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-02
Last Modified
2026-06-02
Generated
2026-06-22
AI Q&A
2026-06-02
EPSS Evaluated
2026-06-21
NVD
CVE-2025-53345
EUVD
EUVD-2025-210031
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
thimpress thim_core From 2.3.0 (inc) to 2.3.3 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-53345 is a Missing Authorization vulnerability in the WordPress Thim Core Plugin versions 2.3.3 and below. It allows attackers with subscriber-level access to remotely execute arbitrary code on affected websites. This means that even users with limited privileges can exploit this flaw to run malicious code, potentially compromising the site.

The vulnerability is classified under OWASP Top 10's A1: Broken Access Control category, indicating a failure to properly restrict user permissions.

Impact Analysis

This vulnerability can have a significant impact as it allows attackers to execute arbitrary code remotely on your website if they have subscriber-level access. This can lead to unauthorized changes, data manipulation, or further compromise of the website's security.

  • Potential takeover or defacement of the website.
  • Injection of malicious scripts or malware.
  • Loss of control over website content and functionality.
  • Increased risk of data breaches or further exploitation.
Detection Guidance

This vulnerability allows arbitrary code execution by attackers with subscriber-level access to affected WordPress sites using the Thim Core plugin version 2.3.3 or below.

To detect exploitation attempts on your system or network, you can monitor web server logs for suspicious requests targeting the Thim Core plugin endpoints or unusual activity from subscriber-level accounts.

Patchstack has provided a temporary mitigation rule to block attacks, which may include specific detection signatures or firewall rules.

However, no specific commands or detection scripts are provided in the available resources.

Mitigation Strategies

Immediate mitigation steps include updating the Thim Core plugin to a fixed version once available.

Since no official patch is available as of the report date, applying the temporary mitigation rule provided by Patchstack to block attacks is advised.

Additionally, restricting subscriber-level access and monitoring for suspicious activity can help reduce risk.

Seeking assistance from hosting providers or developers to implement these mitigations is recommended.

Compliance Impact

The vulnerability is a Missing Authorization issue classified under OWASP Top 10's A1: Broken Access Control, allowing malicious actors with subscriber-level access to execute arbitrary code remotely.

Such unauthorized code execution can lead to integrity issues and potential unauthorized access or manipulation of data, which may impact compliance with standards like GDPR and HIPAA that require strict access controls and protection of sensitive data.

However, the provided information does not explicitly detail the direct effects on compliance with these regulations.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-53345. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart