
CVE-2025-30980: CWE-352 Cross-Site Request Forgery (CSRF) in Alessandro Piconi Simple Keyword to Link

Medium
Tags: Vulnerability, CVE-2025-30980, cve, cwe-352
Published: Fri Jun 06 2025 (06/06/2025, 12:54:05 UTC)
Source: CVE Database V5
Vendor/Project: Alessandro Piconi
Product: Simple Keyword to Link

Description

Cross-Site Request Forgery (CSRF) vulnerability in Alessandro Piconi Simple Keyword to Link allows Cross Site Request Forgery. This issue affects Simple Keyword to Link: from n/a through 1.5.

AI-Powered Analysis

Last updated: 07/08/2025, 03:40:05 UTC

Technical Analysis

CVE-2025-30980 is a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin 'Simple Keyword to Link' developed by Alessandro Piconi. It affects versions up to and including 1.5. A CSRF vulnerability lets an attacker trick an authenticated user into submitting a forged HTTP request to the vulnerable web application, which then performs an unwanted action on that user's behalf without their consent. Here, the plugin lacks proper anti-CSRF protection (WordPress nonce verification or equivalent token validation) on a state-changing action, so a forged request can trigger that action within the plugin's functionality.

The CVSS v3.1 base score is 4.3, indicating medium severity. The vector string (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) indicates that the attack is performed remotely over the network, requires no privileges on the target site, requires user interaction (for example, a logged-in user opening a malicious link), and impacts integrity but not confidentiality or availability. No exploits in the wild are currently reported, and no patch has been linked yet. The weakness is classified as CWE-352, which specifically covers CSRF issues. Because the plugin runs inside WordPress, the attack surface is every site that uses it to link keywords to URLs automatically, so content management and SEO-related functions may be affected.

Potential Impact

For European organizations, the impact of this CSRF vulnerability depends largely on the extent to which they use the Simple Keyword to Link plugin on their WordPress sites. While the vulnerability does not directly compromise confidentiality or availability, it can lead to unauthorized modifications of the plugin's settings or behavior, potentially altering website content or link structures. This could degrade website integrity, harm brand reputation, or be leveraged as part of a broader attack chain (e.g., injecting malicious links or redirecting users). Organizations in sectors with high reliance on web presence, such as e-commerce, media, and public services, may face reputational damage or indirect financial losses if attackers exploit this vulnerability. Since exploitation requires user interaction but no authentication, attackers could craft phishing campaigns targeting site administrators or editors to trigger the CSRF attack. Given the medium severity and lack of known exploits, the immediate risk is moderate, but it warrants attention to prevent escalation or combination with other vulnerabilities.

Mitigation Recommendations

To mitigate this vulnerability, European organizations should first verify whether their WordPress sites use the Simple Keyword to Link plugin and identify the version in use. Immediate steps include:

1) Monitor for official patches or updates from the plugin developer and apply them promptly once available.
2) Implement Web Application Firewall (WAF) rules to detect and block suspicious CSRF attempts targeting the plugin's endpoints.
3) Enforce strict Content Security Policy (CSP) headers to reduce the risk of malicious cross-site requests.
4) Educate site administrators and content editors about phishing risks and the importance of not clicking suspicious links while logged into administrative interfaces.
5) Review and harden WordPress security configurations, including limiting administrative privileges and session durations to reduce the window of opportunity for exploitation.
6) If feasible, temporarily disable or replace the plugin with an alternative that has verified CSRF protections until a patch is released.

These measures go beyond generic advice by focusing on plugin-specific controls and operational security practices tailored to the vulnerability's characteristics.
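As an added illustration of the missing-nonce pattern described in the technical analysis and of the code-level fix the mitigations above are waiting on, here is a WordPress settings handler in its vulnerable form beside a hardened one. This is example code written for this page, not code from the Simple Keyword to Link plugin; the option names, form field names, hook name and nonce action are hypothetical placeholders.

```php
<?php
// Added illustration; not code from the Simple Keyword to Link plugin.
// Option names, field names, hook name and nonce action are placeholders.

// BEFORE (the CWE-352 pattern): the handler trusts any POST that arrives in
// an administrator's browser, so a form on a third-party page can submit it.
function skl_demo_save_settings_vulnerable() {
    if ( isset( $_POST['skl_keyword'], $_POST['skl_url'] ) ) {
        update_option( 'skl_demo_keyword', $_POST['skl_keyword'] );
        update_option( 'skl_demo_url', $_POST['skl_url'] );
    }
}

// AFTER: capability check, nonce verification, then sanitised storage.
// check_admin_referer() stops with a 403 when the nonce is missing or
// invalid; WordPress nonces are tied to the logged-in user and session,
// so a page on another origin cannot supply a valid one.
function skl_demo_save_settings_hardened() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions', 403 );
    }
    check_admin_referer( 'skl_demo_save', 'skl_demo_nonce' );

    $keyword = sanitize_text_field( wp_unslash( $_POST['skl_keyword'] ?? '' ) );
    $url     = esc_url_raw( wp_unslash( $_POST['skl_url'] ?? '' ) );
    update_option( 'skl_demo_keyword', $keyword );
    update_option( 'skl_demo_url', $url );

    wp_safe_redirect( add_query_arg( 'updated', '1', wp_get_referer() ) );
    exit;
}
// admin-post.php dispatches POSTs with action=skl_demo_save to this handler.
add_action( 'admin_post_skl_demo_save', 'skl_demo_save_settings_hardened' );

// The settings form embeds the nonce that the hardened handler verifies.
function skl_demo_render_form() {
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="skl_demo_save">
        <?php wp_nonce_field( 'skl_demo_save', 'skl_demo_nonce' ); ?>
        <input type="text" name="skl_keyword"
               value="<?php echo esc_attr( get_option( 'skl_demo_keyword', '' ) ); ?>">
        <input type="url" name="skl_url"
               value="<?php echo esc_attr( get_option( 'skl_demo_url', '' ) ); ?>">
        <?php submit_button( 'Save' ); ?>
    </form>
    <?php
}
```

When reviewing a plugin for this weakness, look for every handler that calls update_option() or otherwise changes state and confirm it reaches check_admin_referer() or wp_verify_nonce() plus a current_user_can() check before doing so.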


Technical Details

Data Version: 5.1
Assigner Short Name: Patchstack
Date Reserved: 2025-03-26T09:22:34.906Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 6842eddd71f4d251b5c8802c

Added to database: 6/6/2025, 1:32:13 PM

Last enriched: 7/8/2025, 3:40:05 AM

Last updated: 8/15/2025, 12:09:32 PM
