Code Execution Vulnerability in ThimPress Thim Core
CVE-2025-53345

8.8HIGH

Key Information:

Vendor: WordPress
Status: Thim Core
Vendor: CVE Published:; 2 June 2026

What is CVE-2025-53345?

The ThimPress Thim Core plugin is susceptible to a missing authorization vulnerability that enables attackers to execute arbitrary code by installing a malicious version of the vulnerable plugin. This issue highlights the importance of securing WordPress environments by ensuring that only trusted plugins are utilized. Users of Thim Core versions 2.3.3 and earlier are advised to take precautionary measures to safeguard their installations.

Affected Version(s)

Thim Core <= 2.3.3

References

https://patchstack.com/database/wordpress/plugin/thim-cor...

vdb-entry

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 2, 2026
Vulnerability Reserved
Jun 27, 2025

Credit

Ananda Dhakal | Patchstack

CVE-2025-53345 Data

JSON