CVE-2025-6389

Received
Published: 25 Nov 2025, 03:15
Last modified: 25 Nov 2025, 03:15

Vulnerability Summary

Overall Risk: Medium Risk (39/100)
AI Analysis: Emergency (Requires Immediate Action)
CVSS Score: 9.8 CRITICAL, CVSS v3.1 (SECURITY)
EPSS Score: 0.25% INFO (0% probability)
CISA KEV: Not listed
Ransomware: No reports
Exploits: None found
Dark Web: Activity detected (Telegram)

The Sneeit Framework plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 8.3 via the sneeit_articles_pagination_callback() function. This is due to the function accepting user input and then passing that through call_user_func(). This makes it possible for unauthenticated attackers to execute code on the server which can be leveraged to inject backdoors or, for example, create new administrative user accounts.
Source Identifier: security@wordfence.com
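
| CVSS | Source | Severity | Exploit. | Impact | Vector |
|------|--------|----------|----------|--------|--------|
| v4.0 | n/a | | | | |
| v3.1 | Primary, security@wordfence.com | 9.8 CRITICAL | 3.9 | 5.9 | CVSS:3.1/AV:N/AC:L/PR:N/U... |
| v3.0 | n/a | | | | |
| v2.0 | n/a | | | | |
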
EPSS
Current Score: 0.25%
Percentile Rank: 49%ile

CWE-94: Improper Control of Generation of Code ('Code Injection')
Description: The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

Not listed in CISA Known Exploited Vulnerabilities catalog.

Telegram Activity Detected
This vulnerability has been mentioned in monitored Telegram channels, indicating potential threat actor interest.

No known public exploit code indexed (as of 25 Nov 2025, 03:15).

Exploitation status can change quickly once PoC code appears.

No affected systems information available.
