{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-68082", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2025-12-15T10:01:29.282Z", "datePublished": "2025-12-16T08:13:05.169Z", "dateUpdated": "2026-04-28T16:14:28.361Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "semrush-contentshake", "product": "Semrush Content Toolkit", "vendor": "SEMrush CY LTD", "versions": [{"changes": [{"at": "1.1.33", "status": "unaffected"}], "lessThanOrEqual": "1.1.32", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Nabil Irawan | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-22T14:23:44.460Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Cross-Site Request Forgery (CSRF) vulnerability in SEMrush CY LTD Semrush Content Toolkit semrush-contentshake allows Cross Site Request Forgery.<p>This issue affects Semrush Content Toolkit: from n/a through <= 1.1.32.</p>"}], "value": "Cross-Site Request Forgery (CSRF) vulnerability in SEMrush CY LTD Semrush Content Toolkit semrush-contentshake allows Cross Site Request Forgery.This issue affects Semrush Content Toolkit: from n/a through <= 1.1.32."}], "impacts": [{"capecId": "CAPEC-62", "descriptions": [{"lang": "en", "value": "Cross Site Request Forgery"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-352", "description": "Cross-Site Request Forgery (CSRF)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:14:28.361Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/semrush-contentshake/vulnerability/wordpress-semrush-content-toolkit-plugin-1-1-32-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"}], "title": "WordPress Semrush Content Toolkit plugin <= 1.1.32 - Cross Site Request Forgery (CSRF) vulnerability"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-12-17T19:43:50.487507Z", "id": "CVE-2025-68082", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-27T18:32:55.552Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-68082", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-12-17T19:43:50.487507Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-17T19:43:40.887Z"}}], "cna": {"title": "WordPress Semrush Content Toolkit plugin <= 1.1.32 - Cross Site Request Forgery (CSRF) vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "Nabil Irawan | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-62", "descriptions": [{"lang": "en", "value": "Cross Site Request Forgery"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "SEMrush CY LTD", "product": "Semrush Content Toolkit", "versions": [{"status": "affected", "changes": [{"at": "1.1.33", "status": "unaffected"}], "version": "0", "versionType": "custom", "lessThanOrEqual": "1.1.32"}], "packageName": "semrush-contentshake", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "datePublic": "2026-04-22T14:23:44.460Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/semrush-contentshake/vulnerability/wordpress-semrush-content-toolkit-plugin-1-1-32-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in SEMrush CY LTD Semrush Content Toolkit semrush-contentshake allows Cross Site Request Forgery.This issue affects Semrush Content Toolkit: from n/a through <= 1.1.32.", "supportingMedia": [{"type": "text/html", "value": "Cross-Site Request Forgery (CSRF) vulnerability in SEMrush CY LTD Semrush Content Toolkit semrush-contentshake allows Cross Site Request Forgery.<p>This issue affects Semrush Content Toolkit: from n/a through <= 1.1.32.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-352", "description": "Cross-Site Request Forgery (CSRF)"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-23T14:13:56.203Z"}}}, "cveMetadata": {"cveId": "CVE-2025-68082", "state": "PUBLISHED", "dateUpdated": "2026-04-27T18:32:55.552Z", "dateReserved": "2025-12-15T10:01:29.282Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2025-12-16T08:13:05.169Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in SEMrush CY LTD Semrush Content Toolkit semrush-contentshake allows Cross Site Request Forgery.This issue affects Semrush Content Toolkit: from n/a through <= 1.1.32."}], "id": "CVE-2025-68082", "lastModified": "2026-04-27T19:16:24.973", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "audit@patchstack.com", "type": "Secondary"}]}, "published": "2025-12-16T09:16:03.223", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/semrush-contentshake/vulnerability/wordpress-semrush-content-toolkit-plugin-1-1-32-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-27T22:15:06.870364+00:00", "value": {"mitigation_remediation": ["Update the Semrush Content Toolkit plugin to a version newer than 1.1.32", "Verify that the new plugin release implements CSRF protection and test the change on a staging environment before deployment", "Restrict the plugin\u2019s functionality or user roles if a timely update is not possible, thereby limiting the potential impact of the CSRF flaw"], "summary": {"action": "Patch Now", "impact": "Cross\u2011Site Request Forgery (CSRF)"}, "threat_synthesis": {"affected_systems": "Semrush Content Toolkit plugin for WordPress, versions from the initial release through 1.1.32 are affected. Any WordPress installation using one of these plugin versions is at risk.", "description_and_impact": "The vulnerability is a CSRF flaw that allows an attacker to force a logged\u2011in user of a WordPress site to perform actions through the Semrush Content Toolkit plugin. Although the specific privileged actions that can be triggered are not enumerated, CSRF generally enables an attacker to change settings, submit content, or otherwise alter site state under the credentials of the victim. The weakness is identified as CWE\u2011352.", "risk_and_exploitability": "The CVSS score of 5.4 indicates moderate severity. The EPSS score of less than 1\u202f% reflects a low probability of attack at this time, and the vulnerability is not listed in the CISA KEV catalog. The attack vector is inferred to be remote, requiring a victim user to visit a malicious page that sends a forged request to the site with the plugin active. An attacker needs the victim to be authenticated and have sufficient privileges for the action that the plugin performs."}}}}, "created": "2025-12-16T17:08:43.836838+00:00", "updated": "2026-04-27T22:15:15.132227+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}