Platform: wordpress
Component: vikinger
Fixed in: 1.9.33
CVE-2025-4946 is an arbitrary file deletion vulnerability affecting the Vikinger WordPress theme. This flaw allows authenticated users with Subscriber-level access or higher to delete arbitrary files on the server. Successful exploitation can lead to remote code execution, particularly if critical configuration files like wp-config.php are targeted. The vulnerability impacts versions 0.0.0 through 1.9.32 of the Vikinger theme and requires the Vikinger Media plugin to be installed and active.
The primary impact of CVE-2025-4946 is that an authenticated attacker can delete arbitrary files on a WordPress server. Although Subscriber-level access is required, that is a relatively low privilege, so a large number of WordPress sites are potentially exposed. The most critical scenario involves deleting the wp-config.php file, which contains sensitive database credentials and configuration settings. Deleting this file would effectively disable the WordPress site and could allow the attacker to gain control of the database. Successful exploitation could lead to complete compromise of the web server and to data exfiltration. This vulnerability resembles other file deletion vulnerabilities in which removing critical configuration files causes significant system disruption.
CVE-2025-4946 was publicly disclosed on 2025-07-02. No public proof-of-concept (PoC) code has been released at the time of writing, but the vulnerability's nature and ease of exploitation suggest a high probability of exploitation. It is not currently listed on the CISA KEV catalog. Given the relatively low privilege requirement (Subscriber access) and the potential for remote code execution, this vulnerability warrants immediate attention.
WordPress websites using the Vikinger theme, particularly those with the Vikinger Media plugin installed and active, are at risk. Sites with weak password policies or overly permissive user roles are especially vulnerable, as an attacker could easily gain Subscriber-level access. Shared hosting environments where multiple WordPress sites share the same server resources are also at increased risk, as a compromise of one site could potentially lead to the compromise of others.
Detection checks (wordpress / composer / npm):
• Look for the vulnerable AJAX handler in the installed plugin code:
grep -r 'vikinger_delete_activity_media_ajax' /var/www/html/wp-content/plugins/
• Confirm whether the Vikinger Media plugin is installed and active:
wp plugin list | grep vikinger
• Query the HTTP status returned for the AJAX action (works for HTTP/1.1 and HTTP/2, unlike matching on the literal "200 OK"). Note that an unauthenticated request receives 400 whenever no nopriv handler is registered, and the vulnerable action requires a logged-in user, so a 400 here does not prove the site is patched; rely on the theme version and plugin checks:
curl -sS -o /dev/null -w '%{http_code}\n' 'http://your-wordpress-site.com/wp-admin/admin-ajax.php?action=vikinger_delete_activity_media_ajax'
EPSS: 2.19% (84th percentile)
Since a patched version of the Vikinger WordPress theme is not yet available, immediate mitigation steps are essential. The most effective short-term measure is a Web Application Firewall (WAF) rule that blocks requests to the vikinger_delete_activity_media_ajax AJAX action, specifically filtering for parameter values that look like malicious file paths. Alternatively, restrict file permissions on the server so that the web server user cannot delete files outside the designated WordPress directory. Disable the Vikinger Media plugin if it is not essential. Regularly monitor WordPress logs for suspicious activity, particularly attempts to access or modify files. After implementing these mitigations, verify their effectiveness by sending a controlled, non-destructive request to the vulnerable endpoint.
Update the Vikinger theme to a version later than 1.9.32 to mitigate the arbitrary file deletion vulnerability. Make sure the Vikinger Media plugin is also up to date. Check file and directory permissions to limit access and reduce the risk of exploitation.
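The WAF rule described in the mitigation above, as an added example (not code from the Vikinger theme, the Vikinger Media plugin, or any WAF product): a request filter that blocks calls to the vikinger_delete_activity_media_ajax action whose parameters look like path traversal or point at files such as wp-config.php, and logs the remaining calls for review. The advisory does not name the parameter that carries the file path, so every parameter value is inspected; the admin-ajax.php path and a form-encoded POST body are assumptions.

```python
from urllib.parse import parse_qs, urlsplit

# Action name taken from the advisory; the parameter carrying the file path is
# not known (assumption), so every parameter value is inspected.
VULN_ACTION = "vikinger_delete_activity_media_ajax"
# File names a legitimate activity-media deletion never needs to touch.
SENSITIVE_NAMES = ("wp-config.php", ".htaccess", ".user.ini")


def _params(url: str, body: str) -> dict:
    """Merge query-string and form-encoded body parameters (last value wins)."""
    merged = {}
    for raw in (urlsplit(url).query, body):
        for key, values in parse_qs(raw, keep_blank_values=True).items():
            merged[key] = values[-1]
    return merged


def looks_like_path_abuse(value: str) -> bool:
    """True if a (URL-decoded) parameter value tries to escape the uploads dir."""
    v = value.replace("\\", "/")
    if ".." in v.split("/"):                 # traversal segment after decoding
        return True
    if v.startswith("/") or "\x00" in v:    # absolute path or null byte
        return True
    low = v.lower()
    if "%2e%2e" in low or "%2f" in low:      # still encoded: double-encoded traversal
        return True
    return low.endswith(".php") or any(name in low for name in SENSITIVE_NAMES)


def classify_request(method: str, url: str, body: str = "") -> str:
    """Return 'allow', 'log' or 'block' for one request, WAF-rule style."""
    if not urlsplit(url).path.endswith("/wp-admin/admin-ajax.php"):
        return "allow"
    # admin-ajax reads the action from GET or POST; only POST carries a body.
    params = _params(url, body if method.upper() == "POST" else "")
    if params.get("action") != VULN_ACTION:
        return "allow"
    for key, value in params.items():
        if key != "action" and looks_like_path_abuse(value):
            return "block"
    # Benign-looking calls still reach a vulnerable handler: record them for review.
    return "log"
```

The verdict is computed on decoded parameters, so a real deployment should feed it the same decoded values the PHP handler would see; it supplements, and does not replace, updating the theme.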
CVE-2025-4946 is a HIGH severity vulnerability in the Vikinger WordPress theme allowing authenticated users to delete arbitrary files, potentially leading to remote code execution if critical files like wp-config.php are targeted. It affects versions 0.0.0–1.9.32.
You are affected if your WordPress site uses the Vikinger theme, specifically versions 0.0.0 through 1.9.32, and the Vikinger Media plugin is installed and active. Check your theme version immediately.
Upgrade the Vikinger WordPress theme to a patched version as soon as it becomes available. Until then, restrict file permissions and consider using a WAF to mitigate the risk.
While no public exploits have been released yet, the vulnerability's ease of exploitation suggests active exploitation is possible. Monitor your systems closely.
Check the official Vikinger WordPress theme website and the WordPress plugin repository for updates and advisories related to CVE-2025-4946.