Plattform
wordpress
Komponente
wpshop
Behoben in
2.6.2
CVE-2025-32576 is a critical Cross-Site Request Forgery (CSRF) vulnerability affecting WP shop, a WordPress plugin developed by Agence web Eoxia. This vulnerability allows an attacker to upload a malicious Web Shell to the web server, potentially leading to complete server compromise. The vulnerability impacts versions from 0.0.0 up to and including 2.6.1, and a patch is available in version 2.6.2.
The primary impact of CVE-2025-32576 is the ability for an attacker to upload a web shell to the WordPress server. A web shell is a malicious script that allows an attacker to execute arbitrary commands on the server with the privileges of the web server user. This can lead to complete server compromise, including data exfiltration, malware installation, and defacement. The CSRF nature of the vulnerability means an attacker can trigger the upload without direct user interaction, making it particularly dangerous. Successful exploitation could allow attackers to gain persistent access to the server and compromise sensitive data stored within the WordPress installation or connected databases.
CVE-2025-32576 was publicly disclosed on 2025-04-09. While no public proof-of-concept (PoC) code has been released at the time of writing, the severity of the vulnerability (CRITICAL) and the ease of exploitation (CSRF) suggest a high probability of exploitation. It is not currently listed on the CISA KEV catalog. Monitor security advisories and threat intelligence feeds for any indications of active exploitation campaigns targeting WP shop installations.
Organizations using WP shop plugin in their WordPress installations are at risk, particularly those running older, unpatched versions (0.0.0–2.6.1). Shared hosting environments are especially vulnerable, as they often have limited control over plugin updates and security configurations. Sites with custom themes or plugins that interact with WP shop are also at increased risk.
• wordpress / composer / npm:
wp plugin list | grep wpshop• wordpress / composer / npm:
wp plugin update --all• wordpress / composer / npm:
grep -r 'Agence web Eoxia' /var/www/html/wp-content/plugins/• generic web: Check for unusual files in the WordPress plugin directory (e.g., PHP files with suspicious names or content).
disclosure
Exploit-Status
EPSS
0.09% (26% Perzentil)
CISA SSVC
CVSS-Vektor
The primary mitigation for CVE-2025-32576 is to immediately upgrade the WP shop plugin to version 2.6.2 or later. If upgrading is not immediately feasible due to compatibility issues or testing requirements, consider implementing temporary workarounds. These may include implementing strict input validation and sanitization on file uploads within the plugin, as well as enabling CSRF protection mechanisms at the WordPress server level. Web Application Firewalls (WAFs) can be configured to detect and block suspicious file upload requests. After upgrading, verify the fix by attempting a file upload through a web browser while observing server logs for any unauthorized activity.
Actualice el plugin WP shop a la versión 2.6.2 o superior para mitigar la vulnerabilidad de Cross-Site Request Forgery (CSRF) que permite la subida de un web shell al servidor. Asegúrese de realizar una copia de seguridad de su sitio web antes de actualizar el plugin. Consulte la documentación del plugin para obtener instrucciones detalladas sobre cómo actualizar.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2025-32576 is a critical Cross-Site Request Forgery (CSRF) vulnerability in the WP shop WordPress plugin, allowing attackers to upload a Web Shell.
You are affected if you are using WP shop versions 0.0.0 through 2.6.1. Upgrade immediately.
Upgrade WP shop to version 2.6.2 or later. If immediate upgrade is not possible, implement temporary workarounds like restricting file uploads.
While no active exploitation campaigns have been confirmed, the vulnerability's severity and ease of exploitation suggest a high risk of exploitation.
Refer to the official WP shop website and WordPress security announcements for the latest advisory and updates.
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.