CVE-2025-58997

Frenify · Mow

A Cross-Site Request Forgery (CSRF) vulnerability in the Frenify Mow plugin lets an attacker trigger code injection through a logged-in administrator's browser, potentially leading to unauthorized changes to the site.

Executive summary

A critical CSRF vulnerability in the Frenify Mow plugin (versions up to and including 4.10) allows code injection: an attacker who lures a logged-in administrator to a crafted page can have that administrator's browser submit the injecting request, so the action runs with administrative privileges.

Vulnerability

The plugin is susceptible to Cross-Site Request Forgery (CSRF): a state-changing request is accepted without a secret the attacker cannot obtain (an anti-CSRF token or nonce), so the only thing authenticating it is the browser's session cookie. An attacker who holds no credentials needs only to get an authenticated administrator to load attacker-controlled content (a page, an image tag, or a hidden auto-submitting form) while logged in; the browser attaches the administrator's cookies to the forged request and the plugin performs the action. Because the affected action performs code injection, the forged request injects the attacker's code rather than merely changing a setting.

Business impact

With a CVSS score of 9.6, this vulnerability represents a severe threat to site integrity. Successful exploitation could allow an attacker to inject arbitrary code, potentially leading to a full site takeover or unauthorized data modification, all performed by abusing the administrator's own authenticated session rather than by stealing it. The attack does require a logged-in administrator to interact with attacker-controlled content, but that interaction can be as little as opening a link.

Remediation

Immediate Action: Update the Frenify Mow plugin to a fixed release newer than 4.10 as soon as one is available. If no fixed release exists, deactivate and remove the plugin until a fix is released; an installed-but-unused vulnerable plugin may still expose its request handlers.

Proactive Monitoring: Note that a CSRF request is sent by the victim administrator's own browser, so the client IP address and session cookie look entirely legitimate; do not expect "unexpected sources" in the access log. The useful signal is a POST to an administrative endpoint whose Origin or Referer header points to a host other than the site itself (or is absent entirely), especially at unusual hours, combined with application-level evidence such as plugin settings, templates or files that changed without a corresponding administrator action. Logging the Origin and Referer headers on the web server is a prerequisite for this review.

Compensating Controls: Until the plugin is patched or removed, a Web Application Firewall (WAF) or reverse-proxy rule can block POST requests to the plugin's administrative endpoints whose Origin or Referer header does not match the site's hostname. This is a stopgap: the WAF cannot add the token check the plugin is missing, and requests that carry no Origin or Referer at all (some privacy settings and non-browser clients strip them) must be handled deliberately rather than silently allowed.
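The following Python script is an added example illustrating both the monitoring and the compensating-control points above; it is not code from the advisory or from the Frenify Mow plugin. It assumes the plugin runs on WordPress (so administrative requests go to paths under /wp-admin/), that the web server's access log format has been extended to append the Referer and Origin headers, and that the site's own hostname is example.com. The log lines embedded in the script are constructed for the demonstration. The same origin check that flags a log line is the rule an edge WAF would enforce to block the request outright.

```python
"""
Flag POST requests to WordPress admin endpoints whose Origin/Referer does not
match the site's own host, which is the shape a CSRF request leaves in logs.

Added example, not part of the advisory or the plugin. Assumptions:
  - the site runs WordPress, so admin actions are POSTs under /wp-admin/
  - the access log format appends "$http_referer" "$http_user_agent" "$http_origin"
  - SITE_HOST below is the protected site's hostname
"""
import re
from urllib.parse import urlparse

SITE_HOST = "example.com"  # assumption: hostname of the protected site

# Combined-style log line with Referer, User-Agent and Origin appended.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) \S+" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)" "(?P<origin>[^"]*)"$'
)

# Constructed sample log lines: one legitimate admin request, one forged
# request from the same administrator's browser, one admin POST with no
# origin information, and one uninteresting anonymous GET.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Oct/2025:09:15:02 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" '
    '200 512 "https://example.com/wp-admin/admin.php?page=mow" "Mozilla/5.0" "https://example.com"',
    '203.0.113.5 - - [10/Oct/2025:23:41:17 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" '
    '200 512 "https://attacker.example/lure.html" "Mozilla/5.0" "https://attacker.example"',
    '203.0.113.5 - - [10/Oct/2025:23:42:03 +0000] "POST /wp-admin/admin-post.php HTTP/1.1" '
    '302 0 "-" "Mozilla/5.0" "-"',
    '198.51.100.7 - - [10/Oct/2025:23:43:00 +0000] "GET /?p=12 HTTP/1.1" '
    '200 8192 "-" "Mozilla/5.0" "-"',
]


def parse_line(line):
    """Parse one access-log line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def header_host(value):
    """Hostname from an Origin/Referer header value; None if absent ('-') or 'null'."""
    if not value or value in ("-", "null"):
        return None
    return urlparse(value).hostname  # .hostname is already lower-cased


def classify(entry, site_host=SITE_HOST):
    """
    Verdict for one parsed entry:
      'ignore'       - not a POST to an admin endpoint
      'same-origin'  - Origin (or, failing that, Referer) names the site itself
      'cross-origin' - the request was launched from another site: CSRF shape
      'no-origin'    - neither header present; browsers send Origin on cross-site
                       POSTs, but privacy tools and non-browser clients strip it,
                       so this is reviewed rather than treated as proven hostile
    """
    if entry["method"] != "POST" or not entry["path"].startswith("/wp-admin/"):
        return "ignore"
    source = header_host(entry["origin"]) or header_host(entry["referer"])
    if source is None:
        return "no-origin"
    if source == site_host.lower():
        return "same-origin"
    return "cross-origin"


def find_suspicious(lines, site_host=SITE_HOST):
    """Return (ip, timestamp, path, verdict, origin-or-referer) for lines worth review."""
    hits = []
    for line in lines:
        entry = parse_line(line)
        if entry is None:
            continue
        verdict = classify(entry, site_host)
        if verdict in ("cross-origin", "no-origin"):
            source = entry["origin"] if entry["origin"] != "-" else entry["referer"]
            hits.append((entry["ip"], entry["ts"], entry["path"], verdict, source))
    return hits


if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE_LOG):
        print(*hit, sep="  ")
```

Run against the embedded sample, the script reports the two night-time admin POSTs (the one launched from attacker.example and the one with no origin information) and ignores the legitimate dashboard request even though it came from the same IP address and session. In a WAF rule the 'cross-origin' verdict maps to a block; the 'no-origin' case should be decided per site, since blocking it can break legitimate non-browser clients while allowing it leaves a gap.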

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

This vulnerability is highly critical because the forged request does not merely change a setting but injects code. Security teams must ensure that the plugin is patched or disabled immediately so that attackers cannot ride on administrators' authenticated sessions to compromise the web application.