CVE-2025-6389

Name of the Vulnerable Software and Affected Versions Sneeit Framework plugin for WordPress versions prior to 8.4 Sneeit Framework versions 8.3 and earlier

Description The Sneeit Framework plugin for WordPress contains a Remote Code Execution (RCE) issue due to the sneeit articles pagination callback() function accepting user input and passing it through call user func(). This allows unauthenticated attackers to execute code on the server, potentially enabling them to inject backdoors or create new administrative user accounts. Over 1,700 active installations are estimated to be at risk. This issue is actively being exploited in the wild, with over 131,000 exploit attempts reported. The vulnerability has been leveraged in attacks related to the Frost botnet. The sneeit articles pagination callback() function is vulnerable. Attackers can exploit this through crafted AJAX requests.

Recommendations Versions prior to 8.4: Update to version 8.4 or later.