Cyber Resilience

CVE-2025-9334

HighRCE

Published: 08 November 2025

Published
08 November 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score v3.1 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0012 30.4th percentile
Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-9334 is a high-severity Code Injection (CWE-94) vulnerability in Wordpress (inferred from references). Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 30.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related — categorised as Other Platforms; in the Supply Chain and Deployment risk domain.

The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2025-9334 is a limited code injection vulnerability affecting the Better Find and Replace – AI-Powered Suggestions plugin for WordPress in all versions up to and including 1.7.7. The issue stems from insufficient input validation and restrictions in the 'rtafar_ajax' function, classified under CWE-94 (Code Injection). It carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant impact across confidentiality, integrity, and availability.

Authenticated attackers with Subscriber-level access or higher can exploit this vulnerability remotely with low complexity and no user interaction required. By leveraging the flawed 'rtafar_ajax' function, they can invoke arbitrary plugin functions and execute code within those functions, potentially leading to unauthorized data access, modification, or disruption within the affected WordPress environment.

Advisories and references, including a Wordfence threat intelligence report, highlight specific code locations such as RTAFAR_CustomAjax.php (line 29), DbReplacer.php (line 507), and Util.php (line 233) in the plugin's trunk repository. A changeset at plugins.trac.wordpress.org/changeset/3389979/ likely documents remediation efforts, urging administrators to update the plugin beyond version 1.7.7 or restrict access to the vulnerable AJAX endpoint.

EU & UK References

Vulnerability details

The Better Find and Replace – AI-Powered Suggestions plugin for WordPress is vulnerable to Limited Code Injection in all versions up to, and including, 1.7.7. This is due to insufficient input validation and restriction on the 'rtafar_ajax' function. This makes…

more

it possible for authenticated attackers, with Subscriber-level access and above, to call arbitrary plugin functions and execute code within those functions.

CWE(s)

AI Security AnalysisAI

AI Category
Other Platforms
Risk Domain
Supply Chain and Deployment
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Matched keywords: ai

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
T1210 Exploitation of Remote Services Lateral Movement
Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
Why these techniques?

The limited code injection vulnerability allows authenticated Subscriber-level users to remotely call and execute arbitrary plugin functions, enabling exploitation of remote services (T1210) and privilege escalation beyond normal user permissions (T1068).

CVEs Like This One

CVE-2025-42880Shared CWE-94
CVE-2025-2787Shared CWE-94
CVE-2025-48984Shared CWE-94
CVE-2026-25817Shared CWE-94
CVE-2024-10252Shared CWE-94
CVE-2026-24516Shared CWE-94
CVE-2025-42957Shared CWE-94
CVE-2025-42950Shared CWE-94
CVE-2025-21292Shared CWE-94
CVE-2026-26682Shared CWE-94

Affected Assets

Wordpress
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly addresses the root cause of insufficient input validation in the rtafar_ajax function, preventing arbitrary plugin function calls and code injection.

prevent

Requires timely remediation of the code injection flaw by updating the plugin beyond version 1.7.7, as indicated in the advisory changeset.

prevent

Enforces least privilege to restrict Subscriber-level users from executing arbitrary high-impact plugin functions via the vulnerable AJAX endpoint.

References