Security Alert: Active Exploitation of Critical Vulnerability in Sneeit Framework Plugin for WordPress (CVE-2025-6389)
A critical Remote Code Execution (RCE) vulnerability (CVE-2025-6389) in the Sneeit Framework Plugin for WordPress is actively being exploited. This vulnerability allows attackers to execute arbitrary code on affected websites, potentially compromising site integrity and administrative control.
Affected Systems
The affected systems and versions are:
Sneeit Framework Plugin for WordPress: all versions 8.3 and earlier.
Security Risks
Exploitation of this vulnerability may lead to complete site compromise, allowing attackers to create unauthorized administrator accounts, deploy backdoors, and execute malicious code that can redirect visitors or further compromise the server.
Recommended Actions
The National Cyber Security Authority (NCSA) strongly recommends that system administrators:
Upgrade to the latest supported version of the installed software as soon as possible to ensure continued access to technical support and security patches.
Apply the required and latest security updates as soon as possible.
The released software version for upgrade is:
Sneeit Framework Plugin for WordPress: Update to version 8.4 or above.
Before any update task, please ensure you have a recent backup that can easily be restored.
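To find installations that still need the update, the following added example (not part of the original advisory and not NCSA or vendor code) reads the WordPress plugin headers under one or more wp-content/plugins directories and flags any Sneeit Framework copy older than 8.4. It assumes the plugin's "Plugin Name:" header contains the text "Sneeit Framework"; the function and constant names are illustrative.

```python
import re
import sys
from pathlib import Path

FIXED = (8, 4)                    # first fixed release named in the advisory
PLUGIN_NAME = "sneeit framework"  # assumption: text of the "Plugin Name:" header

# WordPress plugin headers are "Key: value" lines inside a PHP comment.
HEADER = re.compile(r"^[ \t/*#@]*(Plugin Name|Version):[ \t]*(.+?)[ \t\r]*$", re.I | re.M)


def parse_version(text):
    """'8.3' -> (8, 3); '8.3.1-beta' -> (8, 3, 1); no digits -> ()."""
    return tuple(int(n) for n in re.findall(r"\d+", text.split("-")[0]))


def read_header(php_file):
    """Return the header fields found in the first 8 KiB (what WordPress reads)."""
    head = php_file.read_bytes()[:8192].decode("utf-8", "replace")
    fields = {}
    for key, value in HEADER.findall(head):
        fields.setdefault(key.lower(), value)  # first occurrence wins
    return fields


def classify(version_text):
    """VULNERABLE below 8.4, OK at 8.4 or above, UNKNOWN if no version is readable."""
    version = parse_version(version_text or "")
    if not version:
        return "UNKNOWN"
    return "VULNERABLE" if version < FIXED else "OK"


def audit(plugins_dir):
    """Check every plugin folder under a wp-content/plugins directory."""
    findings = []
    for php_file in sorted(Path(plugins_dir).glob("*/*.php")):
        fields = read_header(php_file)
        if PLUGIN_NAME in fields.get("plugin name", "").lower():
            version = fields.get("version")
            findings.append((php_file.parent.name, version, classify(version)))
    return findings


if __name__ == "__main__":
    # Pass one or more wp-content/plugins directories on the command line.
    results = [f for d in sys.argv[1:] for f in audit(d)]
    for folder, version, status in results:
        print(f"{status:10} {folder} version={version}")
    sys.exit(1 if any(s != "OK" for _, _, s in results) else 0)
```

The script exits non-zero when any copy is VULNERABLE or UNKNOWN, so it can be run across many sites from a scheduled job. A site that was running 8.3 or earlier while exploitation was active should also be reviewed for the unauthorized administrator accounts and backdoors described under Security Risks.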
For further information and support, please contact NCSA by email at rwcsirt@ncsa.gov.rw or call us at 9009.