Platform
wordpress
Component
ar-for-wordpress
Fixed in
8.34.1
CVE-2025-60156 is a Cross-Site Request Forgery (CSRF) vulnerability in the AR For WordPress plugin. An attacker who lures a logged-in user onto an attacker-controlled page can make that user's browser submit an upload request to the site; because the plugin does not verify that the request was intentionally issued by the user, the request succeeds and a web shell is written to the web server, potentially giving the attacker complete control. All versions up to and including 8.34 are affected; the fix is in version 8.34.1 (the version listed under "Fixed in" above).
The impact is severe. Once a web shell is on the server, the attacker has remote code execution (RCE) in the context of the web server user: they can modify site content, read the database and wp-config.php (credentials, API keys, user password hashes), install additional malware, and use the host as a pivot into the surrounding network. The web shell is also a persistent backdoor: patching the plugin removes the CSRF flaw but does not remove a shell that was already dropped, so a compromised site stays compromised until the file is found and deleted and the credentials it could have read are rotated.
The vulnerability was publicly disclosed on 2025-09-26. No active exploitation campaigns have been publicly confirmed, and the EPSS score listed below (0.02%, 5th percentile) is low. Two caveats shape how to prioritise it: exploitation needs a user who is logged in to the target site to visit attacker-controlled content, which limits mass exploitation, but a single successful request yields a web shell, so the consequence of the rare success is total site compromise. Patch promptly and, on any site that ran a vulnerable version, review wp-content/uploads and other writable directories for PHP files and other content that should not be there.
Any site running an unpatched AR For WordPress is at risk. Exposure is highest where privileged users routinely browse other sites while logged in to wp-admin (the precondition for CSRF), where the web server is allowed to execute PHP from the uploads directory, and on shared hosting where a web shell on one site can reach neighbouring sites. Note that site administrators cannot add the missing CSRF check themselves; it has to come from the plugin update, which is why the upgrade is the primary remediation.
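The monitoring advice above is easier to act on with a concrete scan. The following script is an added example written for this page, not code from AR For WordPress or from the advisory: it walks an uploads tree and flags files that a WordPress uploads directory should never contain (anything with a PHP-executable extension anywhere in the name, server config files, and files whose content starts like PHP and matches common web-shell constructs). The extension list, the regular expressions and the 30-day "recent" window are assumptions to tune for your install; the sample tree it scans is constructed inline so the script runs offline.

```php
<?php
// Added example (not from the original advisory or the plugin): scan a
// WordPress uploads tree for files that should never live there and flag
// contents that look like a web shell. Extension list, patterns and the
// "recent" window are assumptions; point scanUploads() at wp-content/uploads
// in production, e.g. via `wp eval-file scan.php`.
declare(strict_types=1);

// Extensions PHP-FPM / mod_php may execute, depending on server config (assumed list).
const EXEC_EXT = ['php', 'phtml', 'php3', 'php4', 'php5', 'php7', 'phar', 'phps'];
// Constructs that are common in web shells; legitimate uploads never contain PHP at all.
const SHELL_PATTERNS = [
    '/\beval\s*\(/i',
    '/\bbase64_decode\s*\(/i',
    '/\b(system|passthru|shell_exec|exec|popen|proc_open)\s*\(/i',
    '/\$_(GET|POST|REQUEST|COOKIE)\s*\[[^\]]+\]\s*\(/',   // $_GET['f']($arg) style dispatch
];

function scanUploads(string $root, int $maxAge = 30 * 86400): array
{
    $findings = [];
    $it = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($root, FilesystemIterator::SKIP_DOTS)
    );
    foreach ($it as $file) {
        /** @var SplFileInfo $file */
        if (!$file->isFile()) {
            continue;
        }
        $name  = strtolower($file->getFilename());
        $parts = explode('.', $name);
        array_shift($parts);                       // drop the base name, keep every extension
        $reasons = [];
        if (array_intersect($parts, EXEC_EXT)) {   // catches shell.php and image.php.jpg alike
            $reasons[] = 'executable extension in file name';
        }
        if ($name === '.htaccess' || $name === '.user.ini') {
            $reasons[] = 'server config file inside uploads';
        }
        // Only the first 64 KiB is read; a shell's dispatcher is at the top of the file.
        $head = @file_get_contents($file->getPathname(), false, null, 0, 65536);
        if ($head !== false && str_contains($head, '<?php')) {
            $reasons[] = 'PHP open tag in content';
            foreach (SHELL_PATTERNS as $re) {
                if (preg_match($re, $head)) {
                    $reasons[] = "content matches $re";
                }
            }
        }
        if ($reasons) {
            $findings[] = [
                'path'    => $file->getPathname(),
                'mtime'   => date('c', $file->getMTime()),
                'recent'  => (time() - $file->getMTime()) < $maxAge,
                'reasons' => array_values(array_unique($reasons)),
            ];
        }
    }
    return $findings;
}

// Constructed sample tree so the example runs offline (three files, two of them bad).
$tmp = sys_get_temp_dir() . '/uploads-demo-' . getmypid();
mkdir("$tmp/2025/09", 0700, true);
file_put_contents("$tmp/2025/09/photo.jpg", "\xFF\xD8\xFF\xE0 not really a jpeg");       // benign
file_put_contents("$tmp/2025/09/image.php.jpg", "<?php echo 'double extension'; ?>");    // constructed
file_put_contents("$tmp/2025/09/shell.php", '<?php eval(base64_decode($_POST["c"])); ?>'); // constructed

foreach (scanUploads($tmp) as $f) {
    printf("%s (%s%s)\n  - %s\n",
        $f['path'], $f['mtime'], $f['recent'] ? ', modified recently' : '',
        implode("\n  - ", $f['reasons']));
}
```

Run it on a real site with the sample-tree lines replaced by the path to wp-content/uploads; anything it reports with a PHP open tag is an incident, not a false positive to triage later, because WordPress core never writes PHP into uploads. The `recent` flag helps correlate a hit with the access log window around the upload request.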
Check whether the plugin is installed, which version is active, and where it lives (WP-CLI; `wp plugin list` prints the slug, not the display name, so filter on `ar-for-wordpress`):
• wordpress (WP-CLI): wp plugin list | grep ar-for-wordpress
• wordpress (WP-CLI): wp plugin status ar-for-wordpress
• wordpress (WP-CLI): wp plugin update ar-for-wordpress
• wordpress (WP-CLI): wp plugin path ar-for-wordpress
Exploit status
EPSS
0.02% (5th percentile)
CISA SSVC
CVSS vector
The primary mitigation is to upgrade AR For WordPress to version 8.34.1 or later without delay. If the upgrade has to wait because of compatibility concerns, reduce exposure in the meantime: deactivate the plugin if the site can tolerate it; otherwise remove upload rights from accounts that do not need them, configure the web server to refuse PHP execution under wp-content/uploads, and add a Web Application Firewall (WAF) rule that blocks requests to the plugin's upload endpoint that do not carry a valid Referer/Origin from your own site. Generic advice such as "enable CSRF protection" does not apply here: the missing check is a WordPress nonce plus a capability check inside the plugin's upload handler, which only the plugin update can supply. After upgrading, verify the fix properly for a CSRF bug: replay a capture of the upload request with the nonce parameter removed or altered (or from a page on another origin) while logged in, and confirm the server rejects it; as a second check, submit a .php file through the legitimate UI and confirm it is refused.
Update the AR For WordPress plugin to the latest available version to mitigate the Cross-Site Request Forgery (CSRF) vulnerability. Check for updates in the WordPress plugin repository or on the developer's website. Implement additional security measures, such as input validation and CSRF protection, to strengthen the security of your website.
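To make the "nonce plus capability check" point concrete, here is an added example of an AJAX upload handler in the shape that produces this class of bug, next to a hardened version. It is illustrative code written for this page, not code from AR For WordPress; the action names (`arwp_upload_asset`, `arwp_upload_asset_safe`), the script handle `arwp-admin`, the `asset` field name and the allowed file types are assumptions. It relies only on WordPress core functions (`check_ajax_referer`, `current_user_can`, `wp_check_filetype_and_ext`, `wp_handle_upload`) and runs inside a plugin or mu-plugin file.

```php
<?php
// Added example, not code from AR For WordPress: a minimal admin-ajax upload
// handler with the missing checks that lead to CSRF-to-web-shell, beside a
// hardened version. Action names, script handle, field name and the allowed
// types are assumptions for illustration.

// --- Vulnerable pattern: no nonce, no capability check, raw move_uploaded_file ---
add_action('wp_ajax_arwp_upload_asset', 'arwp_upload_asset_vulnerable');
function arwp_upload_asset_vulnerable(): void
{
    // Any logged-in user's browser can be made to send this request from a
    // cross-site form; nothing proves the user meant to upload anything.
    $dest = wp_upload_dir()['basedir'] . '/ar-assets/' . basename($_FILES['asset']['name']);
    move_uploaded_file($_FILES['asset']['tmp_name'], $dest); // evil.php lands in uploads
    wp_send_json_success(['path' => $dest]);
}

// --- Hardened pattern -----------------------------------------------------------
// 1. Hand the legitimate front end a nonce it must send back (handle 'arwp-admin'
//    is assumed to be registered elsewhere in the plugin).
add_action('admin_enqueue_scripts', function (): void {
    wp_localize_script('arwp-admin', 'arwpUpload', [
        'ajaxUrl' => admin_url('admin-ajax.php'),
        'nonce'   => wp_create_nonce('arwp_upload_asset'),
    ]);
});

add_action('wp_ajax_arwp_upload_asset_safe', 'arwp_upload_asset_safe');
function arwp_upload_asset_safe(): void
{
    // 2. CSRF: the request must carry a nonce tied to this action and this user's
    //    session. check_ajax_referer() ends the request (HTTP 403) if it is missing,
    //    stale or issued to someone else; an attacker's page cannot read it.
    check_ajax_referer('arwp_upload_asset', 'nonce');

    // 3. Authorisation: a nonce proves intent, not permission.
    if (!current_user_can('upload_files')) {
        wp_send_json_error(['message' => 'insufficient privileges'], 403);
    }

    if (empty($_FILES['asset']) || $_FILES['asset']['error'] !== UPLOAD_ERR_OK) {
        wp_send_json_error(['message' => 'no file received'], 400);
    }

    // 4. Allow-list the formats the feature actually needs (assumed: AR models + PNG).
    //    Anything else, including .php and .php.jpg double extensions, is refused.
    $allowed = [
        'glb'  => 'model/gltf-binary',
        'usdz' => 'model/vnd.usdz+zip',
        'png'  => 'image/png',
    ];
    $check = wp_check_filetype_and_ext($_FILES['asset']['tmp_name'], $_FILES['asset']['name'], $allowed);
    if (empty($check['ext']) || empty($check['type'])) {
        wp_send_json_error(['message' => 'file type not allowed'], 415);
    }

    // 5. Let core move the file: unique, sanitised name under uploads/, same allow-list.
    $result = wp_handle_upload($_FILES['asset'], ['test_form' => false, 'mimes' => $allowed]);
    if (isset($result['error'])) {
        wp_send_json_error(['message' => $result['error']], 400);
    }
    wp_send_json_success(['url' => $result['url']]);
}
```

The order matters: the nonce check runs first so a forged request is rejected before any file handling, the capability check runs second because a valid nonce from a low-privilege account must still not grant uploads, and the type allow-list runs before the file is written so a disallowed type never touches the filesystem. Pairing this with a web-server rule that denies PHP execution under wp-content/uploads gives a second layer should a future bypass slip past the allow-list.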
CVE-2025-60156 is a Cross-Site Request Forgery (CSRF) vulnerability in AR For WordPress that lets an attacker, via the browser of a logged-in user, upload a web shell and thereby take over the server.
If you run AR For WordPress at any version up to and including 8.34, you are affected. Upgrade immediately.
Upgrade AR For WordPress to version 8.34.1 or later to resolve this vulnerability. If you cannot upgrade immediately, deactivate the plugin or at least block PHP execution under wp-content/uploads and put a WAF rule in front of the plugin's upload endpoint until you can.
No active exploitation campaigns have been publicly confirmed and the EPSS score is low, but a single successful request yields remote code execution, so treat the upgrade as urgent on any site where privileged users browse the web while logged in.
Refer to the official AR For WordPress website or the WordPress plugin repository for the latest security advisory and update information.