Platform
wordpress
Component
semrush-contentshake
Opgelost in
1.1.33
CVE-2025-68082 describes a Cross-Site Request Forgery (CSRF) vulnerability discovered in the Semrush Content Toolkit. This vulnerability allows an attacker to trick a user into performing actions they did not intend to, potentially leading to unauthorized modifications or deletions within the toolkit. The vulnerability affects versions from 0.0.0 up to and including 1.1.32, and a fix is available in version 1.1.33.
A successful CSRF attack could allow an attacker to manipulate the Semrush Content Toolkit on behalf of an authenticated user. This could involve actions like modifying content, changing user settings, or even deleting data. The impact is directly tied to the permissions of the compromised user account. If a user with administrative privileges is targeted, the attacker could gain significant control over the toolkit's configuration and data. While CSRF typically requires social engineering to trick a user into clicking a malicious link, the potential for automated exploitation exists if the attacker can control the user's environment.
The vulnerability was publicly disclosed on December 16, 2025. No public proof-of-concept (PoC) code has been released at the time of this writing. The vulnerability is not currently listed on CISA KEV. The probability of exploitation is considered low to medium, pending the release of PoCs and the prevalence of targeted attacks.
Websites utilizing the Semrush Content Toolkit plugin, particularly those with users who have elevated privileges within the toolkit. Shared WordPress hosting environments are also at increased risk, as vulnerabilities in plugins can impact multiple sites.
• wordpress / composer / npm:
grep -r 'semrush-contentshake' /var/www/html/
wp plugin list | grep semrush-contentshake• generic web:
curl -I https://your-wordpress-site.com/wp-content/plugins/semrush-contentshake/ | grep Content-Security-Policydisclosure
Exploit Status
EPSS
0.02% (5% percentiel)
CISA SSVC
CVSS-vector
The primary mitigation for CVE-2025-68082 is to upgrade the Semrush Content Toolkit to version 1.1.33 or later. If immediate upgrading is not possible, consider implementing stricter input validation and output encoding within the application to reduce the attack surface. Additionally, enabling Content Security Policy (CSP) headers can help prevent the browser from executing malicious scripts from untrusted sources. While a direct WAF rule is unlikely, generic CSRF protection rules might offer some limited defense. After upgrading, verify the fix by attempting a CSRF attack against a test user account and confirming that the attack is blocked.
Update naar versie 1.1.33, of een nieuwere gepatchte versie
Kwetsbaarheidsanalyses en kritieke waarschuwingen direct in uw inbox.
CVE-2025-68082 is a Cross-Site Request Forgery (CSRF) vulnerability affecting Semrush Content Toolkit versions 0.0.0–1.1.32, allowing attackers to perform unauthorized actions.
You are affected if you are using Semrush Content Toolkit versions 0.0.0 through 1.1.32. Upgrade to 1.1.33 to mitigate the risk.
Upgrade the Semrush Content Toolkit plugin to version 1.1.33 or later. Consider implementing stricter input validation and CSP headers as additional security measures.
There is no confirmed active exploitation of CVE-2025-68082 at this time, but the risk remains until the vulnerability is patched.
Refer to the Semrush security advisory for details and updates regarding CVE-2025-68082: [https://www.semrush.com/security/advisories/](https://www.semrush.com/security/advisories/)
Upload je dependency-bestand en kom direct te weten of deze en andere CVEs jou raken.
Upload je dependency-bestand en kom direct te weten of deze en andere CVEs jou raken.