AI description
CVE-2025-6389 refers to a vulnerability in the Sneeit Framework plugin for WordPress, affecting versions up to and including 8.3. The vulnerability allows for Remote Code Execution (RCE) due to the `sneeit_articles_pagination_callback()` function accepting user input and passing it through `call_user_func()`. This vulnerability makes it possible for unauthenticated attackers to execute code on the server. This can be leveraged to inject backdoors or create new administrative user accounts.
- Description
- The Sneeit Framework plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 8.3 via the sneeit_articles_pagination_callback() function. This is due to the function accepting user input and then passing that through call_user_func(). This makes it possible for unauthenticated attackers to execute code on the server which can be leveraged to inject backdoors or, for example, create new administrative user accounts.
- Source
- security@wordfence.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- security@wordfence.com
- CWE-94
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
8
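A serious flaw has been found in WordPress's Sneeit Framework (CVE-2025-6389). Code can be executed without authentication, making site takeover possible. Indiscriminate attacks began on the day of disclosure.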
@yousukezan
8 Dec 2025
4483 Impressions
13 Retweets
30 Likes
17 Bookmarks
0 Replies
0 Quotes
📌 A critical vulnerability in the Sneeit plugin for WordPress has been exploited; it involves remote code execution (CVE-2025-6389) and has a severity score of 9.8. The vulnerability affects all versions up to 8.3 and has been
@Cybercachear
8 Dec 2025
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Hackers are exploiting a bug in the Sneeit Framework plugin (CVE-2025-6389) to run code on servers and create admin accounts on WordPress sites. ⚠️ Separately, a flaw in ICTBroadcast (CVE-2025-2611) lets attackers use the BROADCAST cookie for unauthenticated remote sh
@TheHackersNews
8 Dec 2025
18609 Impressions
55 Retweets
181 Likes
35 Bookmarks
3 Replies
2 Quotes
🚨 Hackers Exploit WordPress Plugin Flaw for Remote Code Execution • A critical RCE vulnerability exists in t
@PurpleOps_io
5 Dec 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
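A serious RCE vulnerability (CVE-2025-6389) has been disclosed in Sneeit Framework, which is bundled with multiple paid WordPress themes, and large-scale attacks flooded in on the day of disclosure. Attackers immediately target unpatched sites, seizing admin privileges and planting backdoors one after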
@yousukezan
4 Dec 2025
1307 Impressions
1 Retweet
9 Likes
5 Bookmarks
0 Replies
0 Quotes
Serious vulnerability in the WordPress plugin "Sneeit Framework" (CVE-2025-6389) https://t.co/8M96o76l1p #セキュリティ対策Lab #セキュリティ #Security
@securityLab_jp
1 Dec 2025
83 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-6389 (CVSS:9.8, CRITICAL) is Awaiting Analysis. The Sneeit Framework plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 8..https://t.co/lHaSAFe6rR #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
30 Nov 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
GitHub - B1ack4sh/Blackash-CVE-2025-6389: CVE-2025-6389 https://t.co/LntuWMu7V6
@akaclandestine
26 Nov 2025
2484 Impressions
7 Retweets
27 Likes
20 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-6389 Sneeit Framework (≤8.3) is under active exploitation. Unauthenticated attackers can trigger remote code execution (RCE) ⚠️ CVSS 9.8 Critical – Backdoors, admin account creation & full site takeover reported 🛡️ Update or disable now, enable
@MNovofastovsky
25 Nov 2025
46 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-6389 Sneeit Framework (≤8.3) is under active exploitation. Unauthenticated attackers can trigger remote code execution (RCE) ⚠️ CVSS 9.8 Critical – Backdoors, admin account creation & full site takeover reported 🛡️ Update or disable now, enable
@MNovofastovsky
25 Nov 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical WordPress Flaw (CVE-2025-6389, CVSS 9.8) Under Active Exploitation Allows Unauthenticated RCE https://t.co/wArXKYHIQJ
@Karma_X_Inc
25 Nov 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-6389: CRITICAL] WordPress plugin Sneeit Framework is vulnerable to Remote Code Execution in all versions up to 8.3. Attackers can exploit this to execute code on the server. #CyberSecurity#cve,CVE-2025-6389,#cybersecurity https://t.co/nPfhH6pPVj https://t.co/JIKlwIBDpj
@CveFindCom
25 Nov 2025
65 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨🚨CVE-2025-6389 (CVSS 9.8): Critical Unauthenticated RCE in Sneeit Framework for WordPress Search by vul.cve Filter👉vul.cve="CVE-2025-6389" ZoomEye Dork👉app="WordPress Sneeit Plugin" 308 public instances exposed. ZoomEye Link: https://t.co/8TdekJb41y Refer: 1. http
@zoomeye_team
25 Nov 2025
2554 Impressions
5 Retweets
36 Likes
8 Bookmarks
0 Replies
0 Quotes
🚨 CRITICAL: Sneeit Framework for WordPress (all versions) hit by CVE-2025-6389! Remote code execution risk for all sites — patch ASAP! 🛡️ https://t.co/PCUzJMLqgD #OffSeq #WordPress #CVE2025_6389 https://t.co/eEhtBeJ4w7
@offseq
25 Nov 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-6389 The Sneeit Framework plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 8.3 via the sneeit_articles_pagination_callback()… https://t.co/AJVERcztbA
@CVEnew
25 Nov 2025
196 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes