Platform
wordpress
Component
wp-admin-microblog
Fixed in
3.1.2
CVE-2025-12173 describes a Cross-Site Request Forgery (CSRF) vulnerability affecting the WP Admin Microblog plugin for WordPress. The flaw allows an unauthenticated attacker to potentially execute actions as an administrator, such as sending messages, by tricking a logged-in administrator into clicking a malicious link. The vulnerability impacts versions 0.0.0 through 3.1.1 of the plugin, and a fix is expected from the plugin developer.
The primary impact of this CSRF vulnerability is the potential for unauthorized actions to be performed on a WordPress site with administrator privileges. An attacker could craft a malicious link that, when clicked by an administrator, would trigger the sending of a message or other administrative actions without the administrator's knowledge or consent. This could be used to spread misinformation, compromise the site's reputation, or even gain further access to the system if the messages contain malicious content or links. The blast radius is limited to the scope of actions available through the WP Admin Microblog plugin.
CVE-2025-12173 was publicly disclosed on 2025-11-18. There are currently no known public proof-of-concept exploits available. The vulnerability's CVSS base score of 4.3 (MEDIUM) rates its severity as moderate. It is not currently listed on the CISA KEV catalog.
Websites utilizing the WP Admin Microblog plugin, particularly those with administrator accounts that frequently click on links from untrusted sources, are at risk. Shared hosting environments where multiple WordPress sites share the same server resources are also potentially vulnerable, as a compromise of one site could lead to attacks against others.
• wordpress / composer / npm:
grep -r 'wp-admin-microblog' /var/www/html/wp-content/plugins/
• wordpress / composer / npm:
wp plugin list | grep 'wp-admin-microblog'   # WP-CLI lists plugins by slug, not display name
• wordpress / composer / npm:
curl -s https://example.com/wp-content/plugins/wp-admin-microblog/readme.txt | grep -i 'stable tag'   # reports the installed version when the plugin directory is web-readable
Disclosure
Exploit Status
EPSS
0.03% (8th percentile)
CISA SSVC
CVSS vector
The immediate mitigation for CVE-2025-12173 is to upgrade the WP Admin Microblog plugin to a version that addresses the missing or incorrect nonce validation. If upgrading is not immediately possible due to compatibility issues or testing requirements, consider temporarily restricting administrator access to the 'wp-admin-microblog' page. While not a complete solution, this can reduce the attack surface. Monitor WordPress access logs for suspicious activity, particularly requests originating from unfamiliar sources targeting the plugin's administrative endpoints. After upgrading, confirm the fix by attempting to trigger a message send action via a crafted CSRF request and verifying that it is blocked.
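The advisory attributes the issue to missing or incorrect nonce validation. The following PHP is an added illustration of that pattern and its fix; it is not code from the WP Admin Microblog plugin (which this page does not reproduce), and every function, hook and option name prefixed with `example_` is hypothetical. The WordPress APIs it calls (`wp_nonce_field`, `check_admin_referer`, `current_user_can`, `sanitize_text_field`, `wp_unslash`, `admin_url`, `wp_safe_redirect`, `submit_button`, `get_option`, `update_option`) are real.

```php
<?php
/*
 * Added illustration, not code from the WP Admin Microblog plugin.
 * Shows a hypothetical "send message" admin handler written without a
 * nonce check (the CSRF pattern described in the advisory) and the same
 * handler hardened with a capability check plus nonce verification.
 * All example_* names are invented for this example.
 */

// Hypothetical storage helper shared by both variants: appends a message
// to a plugin-owned option so the example is self-contained.
function example_microblog_store( $message ) {
    $posts   = get_option( 'example_microblog_posts', array() );
    $posts[] = array(
        'author' => get_current_user_id(),
        'text'   => $message,
        'time'   => time(),
    );
    update_option( 'example_microblog_posts', $posts );
}

// --- Vulnerable pattern ------------------------------------------------
// Nothing ties the POST to a form the administrator actually rendered, so a
// request submitted from any other origin in the admin's browser session is
// processed exactly like a legitimate one. Sanitising the field does not
// help here: the problem is request provenance, not the message content.
function example_microblog_send_vulnerable() {
    if ( ! isset( $_POST['example_message'] ) ) {
        return;
    }
    $message = sanitize_text_field( wp_unslash( $_POST['example_message'] ) );
    example_microblog_store( $message );
}

// --- Hardened pattern --------------------------------------------------
// The form embeds a nonce bound to the action string and the current user's
// session; a page on another origin cannot read or predict its value.
function example_microblog_form() {
    echo '<form method="post" action="' . esc_url( admin_url( 'admin-post.php' ) ) . '">';
    wp_nonce_field( 'example_microblog_send' ); // emits hidden field "_wpnonce"
    echo '<input type="hidden" name="action" value="example_microblog_send">';
    echo '<input type="text" name="example_message">';
    submit_button( 'Send' );
    echo '</form>';
}

function example_microblog_send_hardened() {
    // 1. Authorisation: only users allowed to manage the site may post.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions', '', array( 'response' => 403 ) );
    }
    // 2. Provenance: check_admin_referer() verifies "_wpnonce" against the
    //    action and dies with a 403 if the nonce is missing, expired or
    //    invalid, so a forged cross-site request never reaches step 3.
    check_admin_referer( 'example_microblog_send' );

    // 3. Business logic runs only for requests that passed both checks.
    $message = isset( $_POST['example_message'] )
        ? sanitize_text_field( wp_unslash( $_POST['example_message'] ) )
        : '';
    if ( '' !== $message ) {
        example_microblog_store( $message );
    }
    wp_safe_redirect( admin_url( 'admin.php?page=example-microblog&sent=1' ) );
    exit;
}

// admin-post.php dispatches POSTs carrying action=example_microblog_send to
// this hook; the "admin_post_" prefix (without "nopriv") limits it to
// logged-in users, which is why the nonce check is still required.
add_action( 'admin_post_example_microblog_send', 'example_microblog_send_hardened' );
```

When reviewing a plugin for this class of bug, look for every handler that reads `$_POST` or `$_GET` and changes state, and confirm that each one reaches `check_admin_referer()`, `check_ajax_referer()` or `wp_verify_nonce()` before the state change, not after it. The capability check and the nonce check are independent: the first answers "may this user do this at all", the second answers "did this user actually intend this request".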
No known patch is available. Study the details of the vulnerability thoroughly and apply mitigations based on your organization's risk tolerance. It may be best to remove the affected software and find a replacement.
CVE-2025-12173 is a Cross-Site Request Forgery (CSRF) vulnerability in the WP Admin Microblog WordPress plugin, allowing attackers to potentially perform actions as an administrator.
You are affected if you are using WP Admin Microblog versions 0.0.0 through 3.1.1. Upgrade to a patched version as soon as possible.
Upgrade the WP Admin Microblog plugin to a version that addresses the nonce validation issue. If upgrading is not immediately possible, restrict administrator access to the plugin's administrative page.
As of now, there are no confirmed reports of active exploitation, but the vulnerability is publicly known and could be targeted.
Check the WP Admin Microblog plugin's official website or WordPress plugin repository for updates and advisories related to CVE-2025-12173.