Platform: wordpress
Component: simple-folio
Fixed in: 1.1.1
A Cross-Site Request Forgery (CSRF) vulnerability exists in PressTigers Simple Folio WordPress plugin. This flaw allows an attacker to potentially execute unauthorized actions on a user's account without their knowledge. The vulnerability affects versions from 0 up to and including 1.1.0. A patch has been released in version 1.1.1.
The CSRF vulnerability in Simple Folio allows attackers to craft malicious requests that appear to originate from a legitimate user. If successful, an attacker could modify plugin settings, create or delete portfolios, or perform other actions as the logged-in user. The impact is particularly concerning for administrators, as their actions could be hijacked to compromise the entire WordPress site. While the CVSS score is medium, the ease of exploitation and the potential for widespread impact across WordPress installations warrant attention.
This vulnerability was publicly disclosed on 2025-12-09. There are currently no known public proof-of-concept exploits available. The vulnerability is not listed on the CISA KEV catalog at the time of writing. Given the relatively low CVSS score and lack of public exploits, the immediate risk of active exploitation is considered low, but vigilance is still advised.
Exploit Status
EPSS: 0.02% (6th percentile)
CISA SSVC
CVSS Vector
The primary mitigation is to upgrade the Simple Folio plugin to version 1.1.1 or later, which contains the fix. If immediate upgrading is not possible, consider implementing a Web Application Firewall (WAF) rule to filter out suspicious requests targeting the vulnerable endpoints; specifically, look for state-changing requests whose Origin or Referer headers do not match your site. Additionally, educate users about the risks of clicking on untrusted links and entering sensitive information on unfamiliar websites. After upgrading, verify the fix by attempting to submit a crafted CSRF request against a test installation and confirming it is rejected.
Update to version 1.1.1, or a newer patched version
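For readers checking their own plugins, the following added example shows the WordPress-idiomatic defence against the class of flaw described above: an admin-post handler without a nonce or capability check beside a hardened version. It is illustrative code written for this page, not Simple Folio's code, and the action name sf_save_settings, the nonce field sf_nonce and the option sf_portfolio_title are assumptions.

```php
<?php
// Hypothetical settings handler for a portfolio plugin (not Simple Folio's code).

// BEFORE (vulnerable pattern): every request reaching this handler is trusted,
// so a form on an attacker's site submitted by a logged-in admin's browser
// updates the option without the admin intending it.
function sf_save_settings_unsafe() {
    update_option( 'sf_portfolio_title', $_POST['sf_portfolio_title'] );
    wp_safe_redirect( admin_url( 'options-general.php?page=sf' ) );
    exit;
}

// AFTER (hardened pattern): a per-user, per-action nonce that a cross-site page
// cannot read, plus a capability check, because a nonce proves intent, not authorization.
function sf_save_settings_safe() {
    // Stops with WordPress's "link has expired" page if the nonce is missing or invalid.
    check_admin_referer( 'sf_save_settings', 'sf_nonce' );

    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( esc_html__( 'You are not allowed to change these settings.', 'sf' ), 403 );
    }

    $title = isset( $_POST['sf_portfolio_title'] )
        ? sanitize_text_field( wp_unslash( $_POST['sf_portfolio_title'] ) )
        : '';
    update_option( 'sf_portfolio_title', $title );

    wp_safe_redirect( add_query_arg( 'updated', '1', admin_url( 'options-general.php?page=sf' ) ) );
    exit;
}
// Only the hardened handler is wired up; the unsafe one is shown for contrast.
add_action( 'admin_post_sf_save_settings', 'sf_save_settings_safe' );

// The matching form embeds the nonce: wp_nonce_field() emits the hidden sf_nonce
// input (and a _wp_http_referer field) that check_admin_referer() validates.
function sf_render_settings_form() {
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="sf_save_settings">
        <?php wp_nonce_field( 'sf_save_settings', 'sf_nonce' ); ?>
        <input type="text" name="sf_portfolio_title"
               value="<?php echo esc_attr( get_option( 'sf_portfolio_title', '' ) ); ?>">
        <?php submit_button( __( 'Save', 'sf' ) ); ?>
    </form>
    <?php
}
```

A forged request lacks a valid sf_nonce, so check_admin_referer() rejects it before update_option() runs; a valid nonce from a low-privilege user is then stopped by the capability check.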
CVE-2025-64256 is a Cross-Site Request Forgery (CSRF) vulnerability affecting versions 0–1.1.0 of the PressTigers Simple Folio WordPress plugin, allowing attackers to perform unauthorized actions.
You are affected if your WordPress site uses the Simple Folio plugin and is running version 0 through 1.1.0. Check your plugin versions immediately.
Upgrade the Simple Folio plugin to version 1.1.1 or later to resolve the vulnerability. Consider WAF rules as a temporary mitigation.
There are currently no known public exploits or confirmed active exploitation campaigns targeting CVE-2025-64256, but vigilance is still recommended.
Refer to the PressTigers website or WordPress plugin repository for the latest advisory and update information regarding CVE-2025-64256.