Platform
wordpress
Component
wp-manga-theme-madara
Fixed in
2.2.4
CVE-2025-7712 represents a critical Arbitrary File Access vulnerability affecting the Madara - Core plugin for WordPress. This flaw allows unauthenticated attackers to delete files on the server, posing a significant risk of remote code execution. The vulnerability impacts versions 0.0.0 through 2.2.3 of the plugin, and a fix is available in version 2.2.4.
The impact of CVE-2025-7712 is severe due to its potential for remote code execution. An attacker can exploit this vulnerability by crafting a malicious request to delete critical files, such as wp-config.php. Deletion of wp-config.php would effectively grant the attacker complete control over the WordPress installation, enabling them to modify the database, upload malicious code, and compromise the entire website. The lack of authentication required for exploitation significantly broadens the attack surface, making it accessible to a wide range of threat actors. Successful exploitation could lead to data breaches, website defacement, and complete system takeover.
CVE-2025-7712 has been publicly disclosed and is considered a high-priority vulnerability. Public proof-of-concept (PoC) code is likely to emerge, increasing the risk of exploitation. The vulnerability's ease of exploitation and potential for RCE suggest a high probability of active exploitation campaigns. The vulnerability was published on 2025-07-17. It is not currently listed on the CISA KEV catalog.
WordPress websites utilizing the Madara - Core plugin, particularly those running versions 0.0.0 through 2.2.3, are at significant risk. Shared hosting environments where file permissions are less restrictive are especially vulnerable, as are websites with outdated or unpatched WordPress installations.
• wordpress / composer / npm:
grep -r 'wp_manga_delete_zip' /var/www/html/wp-content/plugins/madara-core/
• generic web:
curl -I https://your-wordpress-site.com/wp-content/plugins/madara-core/ | grep -i '2.2.3' # Check version disclosure
Exploit Status
EPSS
4.13% (89th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-7712 is to immediately upgrade the Madara - Core plugin to version 2.2.4 or later. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider implementing temporary workarounds. While a direct WAF rule is difficult to implement due to the nature of the file deletion, restricting file access permissions on the server and carefully reviewing file upload configurations can help reduce the attack surface. Regularly scan the WordPress installation for unauthorized files and monitor server logs for suspicious activity related to file deletion attempts. After upgrading, confirm the fix by attempting a file deletion request through the plugin's interface and verifying that the request is properly rejected.
Update the Madara - Core plugin to version 2.2.4 or later to mitigate the arbitrary file deletion vulnerability. This update corrects the validation of file paths, so that unauthenticated attackers can no longer delete sensitive files on the server, such as wp-config.php.
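The path-validation fix the advisory describes, shown as an added example that is not the Madara - Core plugin's own code or its patch: a file-deletion handler written the unsafe way beside a hardened form that confines the target to one directory. The function names, the `uploads` directory layout, the `.zip` restriction and the temporary-directory demo are assumptions made for illustration.

```php
<?php
// Added example (not the plugin's code). Names and layout are assumptions.

/**
 * Vulnerable pattern: a caller-supplied name is joined onto a base
 * directory and passed straight to unlink(). A "../" segment escapes the
 * directory, so a request can name a file such as wp-config.php.
 */
function delete_zip_unsafe(string $base_dir, string $requested): bool {
    $path = rtrim($base_dir, '/') . '/' . $requested;
    return file_exists($path) && unlink($path);
}

/**
 * Hardened form: accept only a bare file name with the expected extension,
 * resolve both paths with realpath() (which collapses ".." and symlinks),
 * and delete only a regular file that still sits inside $base_dir.
 * Returns false, deleting nothing, in every other case.
 */
function delete_zip_safe(string $base_dir, string $requested): bool {
    // Bare file name only: no directory separators, no NUL byte, not "..".
    if ($requested === '' || $requested !== basename($requested)
        || strpos($requested, "\0") !== false || $requested === '..') {
        return false;
    }
    if (strtolower(pathinfo($requested, PATHINFO_EXTENSION)) !== 'zip') {
        return false;
    }
    $root   = realpath($base_dir);
    $target = $root === false ? false : realpath($root . DIRECTORY_SEPARATOR . $requested);
    if ($root === false || $target === false) {
        return false;
    }
    // The resolved target must remain strictly under the resolved base directory.
    if (strpos($target, $root . DIRECTORY_SEPARATOR) !== 0) {
        return false;
    }
    if (!is_file($target)) {
        return false;
    }
    return unlink($target);
}

/**
 * Self-contained demonstration in a throwaway directory (constructed data):
 * an uploads directory holding one real zip and one symlink pointing outside
 * it, next to a dummy wp-config.php. Returns a label => passed map.
 */
function demo(): array {
    $sandbox = sys_get_temp_dir() . '/madara_demo_' . bin2hex(random_bytes(4));
    $base    = $sandbox . '/uploads';
    mkdir($base, 0700, true);
    file_put_contents($base . '/chapter.zip', 'zip');
    file_put_contents($sandbox . '/wp-config.php', '<?php // dummy config');
    symlink($sandbox . '/wp-config.php', $base . '/link.zip'); // symlink escape attempt

    $results = [
        'safe rejects traversal'   => delete_zip_safe($base, '../wp-config.php') === false
                                      && file_exists($sandbox . '/wp-config.php'),
        'safe rejects symlink out' => delete_zip_safe($base, 'link.zip') === false
                                      && file_exists($sandbox . '/wp-config.php'),
        'safe rejects non-zip'     => delete_zip_safe($base, 'chapter.txt') === false,
        'safe deletes valid zip'   => delete_zip_safe($base, 'chapter.zip') === true
                                      && !file_exists($base . '/chapter.zip'),
        // The vulnerable version removes the config file without complaint.
        'unsafe deletes config'    => delete_zip_unsafe($base, '../wp-config.php') === true
                                      && !file_exists($sandbox . '/wp-config.php'),
    ];

    unlink($base . '/link.zip');
    rmdir($base);
    rmdir($sandbox);
    return $results;
}

foreach (demo() as $label => $ok) {
    echo str_pad($label, 27) . ($ok ? 'ok' : 'FAIL') . PHP_EOL;
}
```

In a WordPress AJAX handler the path check above is only one of three gates: the action should also require a logged-in user with a suitable capability (`current_user_can()`) and a valid nonce (`check_ajax_referer()`), since the advisory's core point is that the vulnerable endpoint was reachable without authentication at all. The symlink case is why `realpath()` is used rather than a string check for `..`: a link placed inside the allowed directory would otherwise pass a naive test while still pointing at wp-config.php.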
CVE-2025-7712 is a CRITICAL vulnerability in the Madara - Core WordPress plugin allowing unauthenticated attackers to delete files, potentially leading to remote code execution.
You are affected if you are using Madara - Core plugin versions 0.0.0 through 2.2.3. Upgrade immediately.
Upgrade the Madara - Core plugin to version 2.2.4 or later. If upgrading is not possible, implement temporary workarounds like restricting file access permissions.
While not confirmed, the vulnerability's severity and ease of exploitation suggest a high probability of active exploitation campaigns.
Refer to the official Madara - Core plugin website or WordPress plugin repository for the latest advisory and update information.