CVE-2025-8359
AdForest <= 6.0.9 - Authentication Bypass to AdminThe AdForest theme for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 6.0.9. This is due to the plugin not properly verifying a user's identity prior to authenticating them. This makes it possible for unauthenticated attackers to log in as other users, including administrators, without access to a password.
We have discovered 1 live websites that are affected by CVE-2025-8359.
Affected Software
| Product | |
| Category | Wordpress Themes |
| Vulnerable Domains | 1 live websites (100% of AdForest install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 0 versions ( less than 0.1% of all versions) |
Common Weakness Enumeration
CWE-288 Authentication Bypass Using an Alternate Path or ChannelDetails
- Published - Sep 6, 2025
- Updated - Sep 8, 2025
Credits
- Tonn (finder)
CVE References
CWE References
CWE
Website Distribution by Country
Number of websites using CVE-2025-8359 Czech Republic | 1 websites |
Websites affected by CVE-2025-8359
Top websites that are affected by CVE-2025-8359. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *********.sk | Czech Republic | **,***,*** |
FAQ
CVE-2025-8359 is Authentication Bypass Using an Alternate Path or Channel in AdForest
A total of 1 websites have been identified as vulnerable to CVE-2025-8359, based on global website indexing conducted by WebTechSurvey.
The AdForest is affected by the CVE-2025-8359 vulnerability.
AdForest versions up to and including 6.0.9 are vulnerable to CVE-2025-8359.