CVE-2025-4828

9.8 CRITICAL

📋 TL;DR

The Support Board plugin for WordPress lets attackers delete arbitrary files on the server because the sb_file_delete function does not sufficiently validate the supplied file path. All versions up to and including 3.8.0 are affected. Deleting a critical file such as wp-config.php drops the site into the WordPress setup screen, which an attacker can complete against a database they control, so the flaw can be turned into remote code execution. Reaching the function without credentials relies on chaining CVE-2025-4855.
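
As an added illustration of the weakness class (insufficient path validation), the following Python sketch is not code from the plugin, which is written in PHP, and its UPLOAD_ROOT path is hypothetical. It contrasts a "strip ../" style check, which traversal tricks and absolute paths defeat, with a normalise-then-contain check that rejects anything outside the managed directory:

```python
"""Weak vs. robust file-path validation for a file-delete endpoint.

Added example for this page; it is not code from the Support Board plugin
(which is PHP) and the paths are hypothetical.  The technique is
language-independent: normalise the requested path and require that the
result still lies inside the single directory the endpoint may manage.
"""
import posixpath
from typing import Optional

# Hypothetical directory the delete routine is supposed to be limited to.
UPLOAD_ROOT = "/var/www/html/wp-content/uploads/sb"


def weak_validate(requested: str) -> str:
    """Insufficient validation, shown only for contrast.

    Stripping "../" once does not stop traversal ("....//" collapses to
    "../" after the replace) and does nothing about absolute paths, which
    posixpath.join treats as replacing the root entirely.
    """
    cleaned = requested.replace("../", "")
    return posixpath.normpath(posixpath.join(UPLOAD_ROOT, cleaned))


def safe_resolve(requested: str, root: str = UPLOAD_ROOT) -> Optional[str]:
    """Return the normalised path if it is strictly inside root, else None.

    normpath is used so the example runs without the directories existing;
    on a live server use os.path.realpath on both sides so symlinks are
    resolved before the containment check.
    """
    root = posixpath.normpath(root)
    candidate = posixpath.normpath(posixpath.join(root, requested))
    # Reject the root itself and anything whose prefix only looks like root
    # (e.g. /uploads/sb2/x against /uploads/sb): require a trailing separator.
    if candidate == root or not candidate.startswith(root + "/"):
        return None
    return candidate


if __name__ == "__main__":
    for p in ["chat/attachment.png", "....//....//....//wp-config.php", "/etc/passwd", ""]:
        print(repr(p), "weak ->", weak_validate(p), "| safe ->", safe_resolve(p))
```

The weak variant turns `....//....//....//wp-config.php` into the site's wp-config.php and hands `/etc/passwd` straight through; the contained variant keeps the same odd-looking input as a harmless name under the upload root and returns None for anything that escapes it.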

💻 Affected Systems

Products:
  • Support Board plugin for WordPress
Versions: All versions up to and including 3.8.0
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires the plugin to be installed and active. The file deletion itself is the issue tracked here; unauthenticated exploitation depends on chaining CVE-2025-4855.

📦 What is this software?

Support Board is a commercial help desk and live chat plugin for WordPress sold through CodeCanyon (the vendor link under Fix & Mitigation points to its listing).

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution and full server compromise. Deleting wp-config.php puts the site into the WordPress setup screen, which an attacker can complete with a database they control to run arbitrary PHP; data loss or defacement follows.

🟠 Likely Case: Arbitrary file deletion causing outages (missing core, theme or plugin files) or destruction of uploaded data, and, through the wp-config.php chain above, a foothold on the server. What can be removed is bounded by what the PHP process user is permitted to delete.

🟢 If Mitigated: Limited impact when the plugin is deactivated or the PHP process user cannot delete files in the WordPress root (unlink needs write permission on the parent directory, not on the file itself). The risk remains until the plugin is updated.

🌐 Internet-Facing: HIGH. The plugin runs on public WordPress sites and, chained with CVE-2025-4855, is reachable without credentials.
🏢 Internal Only: MEDIUM. Anyone who can reach the site internally can exploit it, but external exposure is the primary concern.

🎯 Exploit Status

Public PoC: ❌ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation is straightforward when combined with CVE-2025-4855. No public proof-of-concept is known at the time of writing, but weaponization is likely: the function is reachable without authentication, the request is simple, and the deletion-to-RCE path via wp-config.php is well understood.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: A release later than 3.8.0 (check the vendor page for the exact version)

Vendor Page: https://codecanyon.net/item/support-board-help-desk-and-chat/20359943

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find the Support Board plugin and update it to the latest version. Support Board is distributed through CodeCanyon rather than WordPress.org, so if no in-dashboard update is offered, download the current release from the vendor page above and install it over the existing copy.
4. Verify that the update completed and the reported version is above 3.8.0.

🔧 Temporary Workarounds

Disable the plugin (all affected versions)

Temporarily deactivate the Support Board plugin so the vulnerable function is no longer reachable. The plugin slug below is assumed; confirm it with wp plugin list before running the command.

wp plugin deactivate support-board

🧯 If You Can't Patch

  • Make the WordPress root (the directory holding wp-config.php) non-writable by the PHP process user. Deleting a file requires write permission on its parent directory, not on the file itself, so tightening the mode of wp-config.php alone does not help. This also blocks in-dashboard core updates, so plan for manual updates while it is in place.
  • Add a WAF rule that blocks requests invoking sb_file_delete, and in particular any whose parameters contain traversal sequences (../ or percent-encoded variants) or reference wp-config.php. Blocking the function outright also breaks legitimate file deletion inside the plugin; accept that trade-off until you can patch.

🔍 How to Verify

Check if Vulnerable:

Check the plugin version in the WordPress admin under Plugins > Installed Plugins; if the version is 3.8.0 or lower, the site is vulnerable.

Check Version:

wp plugin get support-board --field=version

(The slug support-board is assumed; use wp plugin list to confirm the installed slug.)

Verify Fix Applied:

After updating, confirm the reported version is above 3.8.0, then exercise the chat and help desk functions to make sure the update caused no disruption.

📡 Detection & Monitoring

Log Indicators:

  • POST requests to /wp-admin/admin-ajax.php with action=sb_file_delete, especially from clients with no preceding authenticated session or with scripting user agents
  • Path parameters containing traversal sequences (../ or percent-encoded forms such as %2e%2e%2f) or naming wp-config.php
  • A previously working site suddenly showing the WordPress setup screen (wp-admin/setup-config.php): wp-config.php has been removed

Network Indicators:

  • HTTP requests invoking sb_file_delete whose parameters carry file paths. The path may travel in the POST body, which standard access logs do not record, so full inspection needs a WAF or application-level logging.

SIEM Query:

source="web_server_logs" AND uri="*admin-ajax.php*" AND (uri="*sb_file_delete*" OR request_body="*sb_file_delete*")

(Pseudo-syntax; map the field names to your log schema. Matching on the raw URI and body rather than a parsed action field avoids missing requests where the parameters are not in the query string.)
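
The following detector, added here and not part of any vendor tooling, runs the indicators above over constructed combined-format access log lines. It keys on the function name from the advisory rather than a parsed action field, treats traversal or wp-config.php in a visible parameter as high severity, and flags POSTs whose parameters are hidden in the body for manual review. The parameter name path, the sample addresses and the log lines themselves are constructed assumptions:

```python
"""Scan web server access logs for calls to sb_file_delete.

Added example for this page; it is not vendor tooling and assumes the
Apache/nginx "combined" log format.  The advisory names the vulnerable
function (sb_file_delete) but not the parameter that carries the file
path, so every query-string value is inspected for traversal or
well-known sensitive targets.  Values sent in a POST body are not present
in access logs at all; those need WAF or application logging.
"""
import re
from typing import Dict, List, Optional
from urllib.parse import parse_qsl, urlsplit

# Combined Log Format prefix: client ident user [timestamp] "METHOD URI PROTOCOL" status
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')

# Values that should never appear in a path handed to an upload-deletion routine.
SUSPECT_VALUE = re.compile(r"(\.\./|\.\.\\|^/|wp-config\.php|\.htaccess)", re.IGNORECASE)


def analyse_line(line: str) -> Optional[Dict[str, str]]:
    """Return a finding for one log line, or None if it is not of interest."""
    m = LOG_RE.match(line)
    if not m:
        return None
    client, ts, method, uri, status = m.groups()
    # The function name may appear as the admin-ajax 'action' value or anywhere else in the URI.
    if "sb_file_delete" not in uri:
        return None
    # parse_qsl percent-decodes, so %2e%2e%2f is seen as ../
    params = parse_qsl(urlsplit(uri).query, keep_blank_values=True)
    hits = [f"{k}={v}" for k, v in params if k != "action" and SUSPECT_VALUE.search(v)]
    if hits:
        severity = "high"      # traversal or sensitive target visible in the URI
    elif method.upper() == "POST":
        severity = "review"    # parameters probably in the body; correlate with app/WAF logs
    else:
        severity = "info"
    return {"client": client, "time": ts, "method": method, "status": status,
            "severity": severity, "evidence": "; ".join(hits)}


def scan(lines: List[str]) -> List[Dict[str, str]]:
    """Run analyse_line over every line and keep the findings."""
    findings = []
    for line in lines:
        finding = analyse_line(line)
        if finding:
            findings.append(finding)
    return findings


# Constructed sample lines (not real traffic): one benign delete, one with a
# percent-encoded traversal path in the query string, one POST whose body we
# cannot see, and one unrelated request.
SAMPLE_LOG = [
    '203.0.113.10 - - [12/May/2025:10:01:02 +0000] "GET /wp-admin/admin-ajax.php?action=sb_file_delete&path=chat/att1.png HTTP/1.1" 200 52 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [12/May/2025:10:01:09 +0000] "POST /wp-admin/admin-ajax.php?action=sb_file_delete&path=..%2F..%2F..%2Fwp-config.php HTTP/1.1" 200 52 "-" "python-requests/2.31"',
    '198.51.100.7 - - [12/May/2025:10:01:15 +0000] "POST /wp-admin/admin-ajax.php?action=sb_file_delete HTTP/1.1" 200 52 "-" "python-requests/2.31"',
    '192.0.2.44 - - [12/May/2025:10:02:00 +0000] "GET /index.php HTTP/1.1" 200 9120 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f["severity"], f["client"], f["method"], f["evidence"])
```

Feed it real lines with `scan(open(path).read().splitlines())`; "review" findings are the ones to correlate with WAF or application logs, since the path they carried is not visible here.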
