Login Sign Up

CVE-2025-64368

5.4 MEDIUM
Authentication Bypass CSRF

📋 TL;DR

This CSRF vulnerability in the Bard WordPress theme allows attackers to trick authenticated administrators into performing unintended actions on the WordPress site. It affects all Bard theme installations from unknown versions through version 1.6. WordPress site administrators using the vulnerable theme are at risk.

💻 Affected Systems

Products:
  • Mikado-Themes Bard WordPress Theme
Versions: n/a through <= 1.6
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: All WordPress installations using the Bard theme within the affected version range are vulnerable by default.

📦 What is this software?

Bard by Qodeinteractive

View all CVEs affecting Bard →

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker could trick an admin into changing site settings, creating new admin accounts, or modifying content, potentially leading to complete site compromise.

🟠

Likely Case

Attackers could modify theme settings, inject malicious content, or change user permissions through forged requests.

🟢

If Mitigated

With proper CSRF protections, the vulnerability would be blocked, preventing unauthorized actions even if malicious links are clicked.

🌐 Internet-Facing: HIGH
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires tricking an authenticated admin to click a malicious link while logged into WordPress.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version after 1.6

Vendor Advisory: https://patchstack.com/database/Wordpress/Theme/bardwp/vulnerability/wordpress-bard-theme-1-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Restart Required: No

Instructions:

1. Log into WordPress admin panel. 2. Navigate to Appearance > Themes. 3. Check if Bard theme is active. 4. Update the Bard theme to the latest version. 5. Verify the update completed successfully.

🔧 Temporary Workarounds

Implement CSRF Tokens

all

Add CSRF protection tokens to theme forms and AJAX requests

Use Security Plugins

all

Install WordPress security plugins that provide CSRF protection

🧯 If You Can't Patch

  • Disable the Bard theme and switch to a secure alternative
  • Implement strict access controls and monitor admin activity logs

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Appearance > Themes > Bard theme version. If version is 1.6 or earlier, you are vulnerable.

Check Version:

wp theme list --field=name,version | grep bard

Verify Fix Applied:

After updating, verify the Bard theme version is greater than 1.6 in Appearance > Themes.

📡 Detection & Monitoring

Log Indicators:

  • Unusual theme setting changes from unexpected IPs
  • Multiple failed CSRF token validations in WordPress logs

Network Indicators:

  • POST requests to theme admin endpoints without proper referrer headers
  • Suspicious redirects to theme settings pages

SIEM Query:

source="wordpress.log" AND ("csrf" OR "nonce" OR "referer") AND status="failed"

📊 Metadata

CVE ID: CVE-2025-64368
CVSS v3 Score: 5.4 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
CWE: CWE-352
EPSS Score: 0.02% exploit probability (4.3th percentile)
Published: October 31, 2025
Last Updated: January 29, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-64368, you might also want to check these:

CVE-2025-23922 10.0

A Cross-Site Request Forgery (CSRF) vulnerability in the Harsh iSpring Embedder WordPress plugin all...

Same vulnerability type (CWE-352)
CVE-2020-23426 9.8

CVE-2020-23426 is a privilege escalation vulnerability in zzcms 201910 that allows attackers to gain...

Same vulnerability type (CWE-352)
CVE-2024-33449 9.8

This SSRF vulnerability in PDFMyURL allows attackers to make the service send requests to internal s...

Same vulnerability type (CWE-352)