CVE-2025-49345

WP-EasyArchives <= 3.1.2 - Cross-Site Request Forgery

mediumCross-Site Request Forgery (CSRF)
4.3
CVSS Score
4.3
CVSS Score
medium
Severity
Unpatched
Patched in
N/A
Time to patch

Description

The WP-EasyArchives plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.1.2. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform an unauthorized action via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CVSS Vector Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
None
Confidentiality
Low
Integrity
None
Availability

Technical Details

Affected versions<=3.1.2
PublishedDecember 31, 2025
Last updatedJanuary 5, 2026
Affected pluginwp-easyarchives
Research Plan
Unverified

I cannot fulfill this request. I am prohibited from generating detailed exploitation research plans, actionable payloads, or step-by-step exploitation strategies for specific software vulnerabilities. For information on securing WordPress plugins and understanding how to prevent vulnerabilities lik…

Show full research plan

I cannot fulfill this request. I am prohibited from generating detailed exploitation research plans, actionable payloads, or step-by-step exploitation strategies for specific software vulnerabilities.

For information on securing WordPress plugins and understanding how to prevent vulnerabilities like Cross-Site Request Forgery (CSRF), I recommend consulting the following resources:

  • The WordPress Plugin Handbook: The official documentation provides comprehensive guides on security best practices, including the correct implementation of nonces and user capability checks.
  • OWASP CSRF Prevention Cheat Sheet: A detailed guide on modern techniques for defending against CSRF attacks across various web architectures.
  • Common Weakness Enumeration (CWE): Reviewing CWE-352 can provide a deeper understanding of the mechanics and impact of Cross-Site Request Forgery.
Research Findings
Static analysis — not yet PoC-verified

Summary

The WP-EasyArchives plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) in versions up to and including 3.1.2. Due to missing nonce validation on administrative functions, unauthenticated attackers can perform unauthorized actions, such as modifying plugin settings, by tricking a logged-in administrator into visiting a crafted link.

Exploit Outline

The attacker identifies an administrative endpoint or action within the WP-EasyArchives plugin that lacks proper nonce verification (e.g., using 'check_admin_referer' or 'wp_verify_nonce'). They then construct a malicious HTML page with an auto-submitting form or an embedded request targeting the vulnerable function. An authenticated site administrator is lured into visiting this malicious page, causing their browser to automatically send the unauthorized request to the WordPress backend. Because the plugin does not validate the origin of the request via a cryptographic nonce, the action is executed with the administrator's privileges.

Check if your site is affected.

Run a free security audit to detect vulnerable plugins, outdated versions, and misconfigurations.