Platform
wordpress
Component
kallyas
Fixed in
4.21.1
CVE-2025-6989 is a high-severity vulnerability affecting the KALLYAS WordPress theme, specifically versions from 0.0.0 through 4.21.0. This vulnerability allows authenticated attackers, with Contributor-level access or higher, to delete arbitrary folders on the server. The root cause lies in insufficient file path validation within the delete_font() function. A fix is available in newer versions of the theme.
An attacker exploiting this vulnerability could gain significant control over a WordPress website's server. By deleting critical folders, they could disrupt website functionality, compromise sensitive data stored within those folders (e.g., database backups, configuration files), or even escalate their privileges to gain full server access. The ability to delete arbitrary folders represents a severe compromise, potentially leading to complete website defacement or data exfiltration. This vulnerability is particularly concerning given the theme's popularity and widespread use in e-commerce environments, where sensitive customer data is often stored.
This vulnerability has been publicly disclosed and assigned a CVSS score of 8.1 (HIGH). No public proof-of-concept (PoC) code has been released as of the publication date, but the ease of exploitation makes it a potential target for malicious actors. It is not currently listed on the CISA KEV catalog. Monitor WordPress security forums and vulnerability databases for any signs of active exploitation.
Websites using the KALLYAS theme are at risk, particularly those that grant Contributor-level (or higher) accounts to users who should not be able to touch the WordPress file system. Shared hosting environments, where site owners have limited control over server file permissions, are also particularly exposed. Sites running older, unpatched versions of the theme are most susceptible.
• wordpress / composer / npm (detect the installed theme version):
  wp theme list | grep kallyas
• wordpress / composer / npm (locate the affected function in the theme source):
  grep -r 'delete_font(' /var/www/html/wp-content/themes/kallyas/
• wordpress / composer / npm (update the theme to the fixed release):
  wp theme update kallyas
• wordpress / composer / npm (confirm the new version after the update):
  wp theme list | grep kallyas
Disclosure
Exploit status
EPSS
0.09% (26th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-6989 is to upgrade to a patched version of the KALLYAS theme. If upgrading immediately is not feasible, implement temporary workarounds. A Web Application Firewall (WAF) can be configured to block requests to the delete_font() function or to validate the file path being deleted. Additionally, restrict user roles to the minimum necessary permissions, preventing contributors from having the ability to delete files. Regularly review user roles and permissions to ensure they align with the principle of least privilege. After upgrading, verify the fix by attempting to delete a test folder with a contributor account; the action should be denied.
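The path validation and least-privilege checks described above, as an added example that is not KALLYAS code or a copy of its fix; the function name, nonce action and font directory are assumptions, and the checks run before anything is deleted:

```php
<?php
// Added example (not the theme's code): a folder-deletion handler that performs
// the checks the advisory says delete_font() lacked. Names below are assumed.

function secure_delete_font_dir( $requested ) {
    // 1. Authorisation: require an administrator capability, never Contributor.
    if ( ! current_user_can( 'manage_options' ) ) {
        return new WP_Error( 'forbidden', 'Insufficient capability.' );
    }
    // 2. CSRF protection; 'delete_font_dir' is an assumed nonce action name.
    check_admin_referer( 'delete_font_dir' );

    // 3. Confine deletion to one fixed base directory under uploads (assumed name).
    $upload = wp_upload_dir();
    $base   = realpath( trailingslashit( $upload['basedir'] ) . 'custom-fonts' );
    if ( false === $base ) {
        return new WP_Error( 'no_base', 'Font directory does not exist.' );
    }

    // 4. Accept only a single path component: any separator or ".." changes the
    //    value after wp_basename()/sanitize_file_name(), so the comparison fails.
    $name = sanitize_file_name( wp_basename( $requested ) );
    if ( '' === $name || $name !== $requested || '.' === $name || '..' === $name ) {
        return new WP_Error( 'bad_name', 'Invalid font folder name.' );
    }

    // 5. Reject symlinks, then re-check containment on the resolved path.
    $unresolved = $base . DIRECTORY_SEPARATOR . $name;
    if ( is_link( $unresolved ) ) {
        return new WP_Error( 'symlink', 'Refusing to delete a symlinked folder.' );
    }
    $target = realpath( $unresolved );
    if ( false === $target || ! is_dir( $target )
         || 0 !== strpos( $target, $base . DIRECTORY_SEPARATOR ) ) {
        return new WP_Error( 'outside_base', 'Refusing to delete outside the font directory.' );
    }

    // 6. Delete through the WP_Filesystem API rather than raw rmdir()/shell calls.
    require_once ABSPATH . 'wp-admin/includes/file.php';
    WP_Filesystem();
    global $wp_filesystem;
    if ( ! $wp_filesystem->rmdir( $target, true ) ) {
        return new WP_Error( 'delete_failed', 'Could not delete folder.' );
    }
    return true;
}
```

A WAF rule that mirrors step 4 (reject any delete request whose folder parameter contains a path separator or "..") gives the temporary protection the paragraph mentions until the theme is upgraded.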
Update the Kallyas theme to the latest available version to fix the arbitrary folder deletion vulnerability. Make sure to take a full backup of your website before updating the theme. Verify that file and folder permissions are correct to prevent unauthorized access.
CVE-2025-6989 is a high-severity vulnerability in the KALLYAS WordPress theme allowing authenticated users to delete server folders due to flawed file path validation.
If you are using the KALLYAS WordPress theme version 0.0.0 through 4.21.0, you are potentially affected. Check your theme version and upgrade immediately.
Upgrade to the latest version of the KALLYAS theme. Consult the theme developer's website for the latest release and instructions.
While no active exploitation campaigns have been confirmed, the vulnerability is public and poses a significant risk. Monitor your systems for suspicious activity.
Refer to the KALLYAS theme developer's website or WordPress plugin repository for the official advisory and patch information.