Cyber Resilience

CVE-2025-68547

High

Published: 05 January 2026

Published
05 January 2026
Modified
23 April 2026
KEV Added
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score 0.0003 10.6th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-68547 is a high-severity Missing Authorization (CWE-862) vulnerability in Wpwebelite Follow My Blog Post. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 10.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-14 (Permitted Actions Without Identification or Authentication) and AC-3 (Access Enforcement).

Deeper analysis

CVE-2025-68547 is a missing authorization vulnerability (CWE-862) in the WordPress plugin Follow My Blog Post, developed by wpweb. The flaw enables exploitation of incorrectly configured access control security levels and affects all versions of the plugin from n/a through 2.4.0. Published on 2026-01-05, it carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), indicating high severity primarily due to availability impact.

Unauthenticated attackers can exploit this vulnerability remotely over the network with low attack complexity and no user interaction required. Exploitation allows arbitrary content deletion within affected WordPress installations, potentially disrupting site functionality by removing posts, pages, or other content.

The Patchstack advisory documents this as an arbitrary content deletion vulnerability in Follow My Blog Post version 2.4.0 and provides details on the issue, available at https://patchstack.com/database/Wordpress/Plugin/follow-my-blog-post/vulnerability/wordpress-follow-my-blog-post-plugin-2-4-0-arbitrary-content-deletion-vulnerability?_s_id=cve.

EU & UK References

Vulnerability details

Missing Authorization vulnerability in wpweb Follow My Blog Post follow-my-blog-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Follow My Blog Post: from n/a through <= 2.4.0.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1485 Data Destruction Impact
Adversaries may destroy data and files on specific systems or in large numbers on a network to interrupt availability to systems, services, and network resources.
Why these techniques?

Missing authorization in public-facing WordPress plugin directly enables remote unauthenticated exploitation (T1190) leading to arbitrary content deletion (T1485).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-4365Shared CWE-862
CVE-2025-23512Shared CWE-862
CVE-2026-4094Shared CWE-862
CVE-2026-27181Shared CWE-862
CVE-2026-4119Shared CWE-862
CVE-2024-12104Shared CWE-862
CVE-2026-32817Shared CWE-862
CVE-2026-25443Shared CWE-862
CVE-2025-22657Shared CWE-862
CVE-2025-22715Shared CWE-862

Affected Assets

wpwebelite
follow my blog post
≤ 2.4.1

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Enforces approved authorizations for access to system resources, directly mitigating the missing authorization that allows unauthenticated arbitrary content deletion.

prevent

Explicitly defines and enforces permitted actions without identification or authentication, preventing unauthenticated attackers from performing content deletion.

prevent

Requires timely identification, reporting, and correction of flaws like this plugin's missing authorization vulnerability.

References