CVE-2025-48357
Description
Cross-Site Request Forgery (CSRF) vulnerability in Theme Century Century ToolKit century-toolkit allows Cross Site Request Forgery. This issue affects Century ToolKit: from n/a through <= 1.2.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Cross-Site Request Forgery in Century ToolKit allows attackers to force arbitrary plugin activation via a crafted request.
Vulnerability Overview
The Century ToolKit WordPress plugin (versions up to and including 1.2.1) is vulnerable to Cross-Site Request Forgery (CSRF) [1]. This flaw arises because the plugin lacks proper nonce validation or CSRF tokens on plugin activation/deactivation endpoints, allowing an attacker to trick an authenticated administrator into performing unintended actions.
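The pattern described above, as an added illustrative example rather than Century ToolKit's own code: a WordPress admin-post handler that activates a plugin, shown first without any request-origin check and then in a hardened form that verifies a WordPress nonce and the 'activate_plugins' capability before acting. Function names, the 'example_toolkit_*' action name and the 'example-toolkit' text domain are hypothetical; the WordPress API calls (check_admin_referer, current_user_can, validate_plugin, activate_plugin, wp_nonce_field) are real core functions.

```php
<?php
/**
 * Illustrative admin action handler. Not Century ToolKit's code; all
 * 'example_toolkit_*' names are hypothetical. Demonstrates why a missing
 * nonce check on a plugin-activation endpoint is exploitable via CSRF and
 * what the hardened handler looks like.
 */

// --- Pattern to avoid: every request carrying the action is honoured.
// A logged-in administrator who lands on a third-party page gets the
// request sent with their own cookies, so the site cannot tell a forged
// request from a legitimate one.
function example_toolkit_activate_plugin_unsafe() {
    $plugin = isset( $_REQUEST['plugin'] ) ? wp_unslash( $_REQUEST['plugin'] ) : '';
    activate_plugin( $plugin );            // no nonce check, no capability check
    wp_safe_redirect( admin_url( 'plugins.php' ) );
    exit;
}

// --- Hardened handler: nonce + capability + input validation.
function example_toolkit_activate_plugin() {
    // 1. Nonce check. check_admin_referer() validates the '_wpnonce' field
    //    against this action name and the current user's session; a request
    //    forged from another origin cannot carry a valid value, so the
    //    handler dies here with a 403 "link has expired" page.
    check_admin_referer( 'example_toolkit_activate_plugin' );

    // 2. Capability check. A valid nonce proves the request came from this
    //    site's UI, not that the user may activate plugins.
    if ( ! current_user_can( 'activate_plugins' ) ) {
        wp_die(
            esc_html__( 'You are not allowed to activate plugins.', 'example-toolkit' ),
            '',
            array( 'response' => 403 )
        );
    }

    // 3. Input validation. Only a plugin file that actually exists in this
    //    install is accepted; validate_plugin() returns a WP_Error otherwise.
    require_once ABSPATH . 'wp-admin/includes/plugin.php';
    $plugin = isset( $_POST['plugin'] ) ? sanitize_text_field( wp_unslash( $_POST['plugin'] ) ) : '';
    if ( '' === $plugin || is_wp_error( validate_plugin( $plugin ) ) ) {
        wp_die( esc_html__( 'Invalid plugin.', 'example-toolkit' ), '', array( 'response' => 400 ) );
    }

    $result = activate_plugin( $plugin );
    $status = is_wp_error( $result ) ? 'error' : 'activated';
    wp_safe_redirect( add_query_arg( 'example_toolkit', $status, admin_url( 'plugins.php' ) ) );
    exit;
}
add_action( 'admin_post_example_toolkit_activate_plugin', 'example_toolkit_activate_plugin' );

// The legitimate form must embed the matching nonce; wp_nonce_field() emits
// the '_wpnonce' hidden input that check_admin_referer() verifies above.
function example_toolkit_render_activate_form( $plugin_file ) {
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="example_toolkit_activate_plugin">
        <input type="hidden" name="plugin" value="<?php echo esc_attr( $plugin_file ); ?>">
        <?php wp_nonce_field( 'example_toolkit_activate_plugin' ); ?>
        <?php submit_button( __( 'Activate', 'example-toolkit' ) ); ?>
    </form>
    <?php
}
```

The two checks are deliberately separate: the nonce answers "did this request originate from a form this site rendered for this user?", while current_user_can() answers "is this user allowed to do this at all?". Dropping either one leaves a gap, and a WAF rule that merely looks for the action parameter cannot distinguish a forged submission from a real one, which is why the fix belongs in the handler itself.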
Exploitation
Exploitation requires user interaction: a privileged user (e.g., administrator) must be tricked into clicking a malicious link or visiting a crafted page while logged in to the WordPress admin area. The attacker does not need direct network access to the target site, only the ability to deliver the forged request [1]. No authentication is needed on the attacker's side, but the victim must have a valid session.
Impact
Successful exploitation enables an attacker to activate arbitrary plugins, potentially deploying malicious plugins that could further compromise the site. This could lead to privilege escalation, site defacement, or data theft. The CVSS v3 score of 5.4 reflects medium severity, as the attack requires user interaction and impacts availability and integrity [1].
Mitigation
The vulnerability has been fixed in an updated version. Users are urged to update the Century ToolKit plugin to the latest available version. If an update is not possible, consider implementing Web Application Firewall (WAF) rules to block suspicious requests or restrict plugin management capabilities [1].
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- (no CPE) range: <= 1.2.1
- (no CPE) range: <= 1.2.1
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
News mentions
No linked articles in our index yet.