What is CVE-2025-23567?

A high-severity Cross-Site Request Forgery vulnerability in the GDReseller plugin allows for stored cross-site scripting. Organizations must address this vulnerability promptly to mitigate potential risks.

What is the severity of CVE-2025-23567?

CVE-2025-23567 has a severity rating of HIGH with a CVSS base score of 7.1.

CVE-2025-23567 | High Vulnerability in GDReseller Plugin

CVE-2025-23567 is a high-severity vulnerability affecting the GDReseller plugin by Tamer Ziady. This vulnerability allows for Cross-Site Request Forgery (CSRF), which can lead to stored cross-site scripting (XSS). It primarily affects versions of GDReseller from unknown to version 1.6. With a CVSS score of 7.1, it poses a significant risk to organizations using this plugin.

Organizations utilizing the GDReseller plugin need to be aware of this vulnerability due to the potential impact it can have on their web applications. Exploiting this vulnerability may allow attackers to perform unauthorized actions on behalf of authenticated users, leading to further attacks or data breaches.

The vulnerability was published on January 16, 2025, and has been categorized under CWE-352, which relates to Cross-Site Request Forgery. The known exploitation status indicates that there are currently no public exploits available, but the exploitability score suggests a moderate likelihood of being exploited in the wild.

Given the high severity and potential impact of CVE-2025-23567, organizations should prioritize patching this vulnerability immediately to safeguard their systems against possible exploitation.

Vulnerability Details

The Cross-Site Request Forgery (CSRF) vulnerability in the GDReseller plugin allows for stored XSS, which can be exploited by attackers to execute malicious scripts in the context of authenticated users. The vulnerability affects versions of GDReseller from n/a through 1.6.

The CVSS score of 7.1 signifies high severity due to the potential impact on confidentiality, integrity, and availability, albeit with low impact in these areas according to the metrics.

Organizations must assess their deployment of the GDReseller plugin and take necessary actions to mitigate this vulnerability, particularly if they are utilizing versions that are affected.

Technical Analysis

The root cause of this vulnerability is an insufficient verification of requests originating from the user, allowing an attacker to execute unauthorized actions. The attack vector is network-based, and it requires low complexity with no privileges needed from the attacker, but does require user interaction.

This vulnerability has a low confidentiality, integrity, and availability impact, but the potential risk is significant due to possible unauthorized access to sensitive user actions.

Risk & Impact Analysis

Risk to organizations includes unauthorized actions performed on behalf of legitimate users, leading to potential data breaches. The blast radius could be significant if exploited, especially for applications that handle sensitive user data. Given the high CVSS score and the potential for exploitation, organizations should address this vulnerability in their priority patch cycle.

Organizations are urged to prioritize patching this vulnerability immediately to mitigate risks associated with its exploitation.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

All versions of GDReseller prior to the vendor patch are affected, specifically versions from n/a to 1.6.

Mitigation & Remediation

Organizations should update to the latest version of the GDReseller plugin as soon as a patch becomes available. If immediate patching is not possible, consider implementing web application firewall (WAF) rules to mitigate CSRF attempts and monitor for unusual activities.

For further security enhancement, organizations can engage in penetration testing to validate their security measures.

Detection Guidance

Monitor application logs for unusual user activities that may indicate CSRF exploitation attempts, such as unexpected requests that do not originate from legitimate user sessions.

AppSecure Threat Intelligence Insight

The emergence of CVE-2025-23567 highlights the ongoing challenges organizations face in safeguarding against CSRF vulnerabilities. This incident underscores the importance of implementing robust security measures and maintaining awareness of potential vulnerabilities in third-party plugins.

To enhance security posture, organizations should adopt comprehensive penetration testing methodologies, which provide a structured approach to identifying and mitigating vulnerabilities.

Additionally, establishing a vulnerability management program can help organizations proactively manage and remediate vulnerabilities across their systems.

Ultimately, staying vigilant and adopting best practices in security testing and management will be crucial in defending against evolving threats.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2025-23567: High Vulnerability in GDReseller Plugin