Cyber Posture

CVE-2025-57567

Critical

Published: 17 October 2025

Modified: 15 April 2026
CVSS Score: 9.1 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)
EPSS Score: 0.0028 (51.5th percentile)
Risk Priority: 18 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Description

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

Security Summary

CVE-2025-57567 is a remote code execution (RCE) vulnerability in PluXml CMS, specifically in the minify.php file of the default theme (/themes/defaut/css/minify.php), which is editable through the theme editor. Published on 2025-10-17, it stems from improper control of code generation (CWE-94) and improper access control (CWE-284), and carries a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).

An authenticated administrator (PR:H) can exploit this vulnerability from the admin panel by overwriting minify.php with arbitrary PHP code. This allows system commands to be executed remotely on the server, with high impact on confidentiality, integrity, and availability; the changed scope (S:C) reflects that the impact extends beyond the CMS to the underlying host.

Advisories and further details are available at http://pluxml.com and https://github.com/lukehebe/Vulnerability-Disclosures/blob/main/CVE-2025-57567.pdf.

Details

CWE(s)
CWE-94 (Improper Control of Code Generation), CWE-284 (Improper Access Control)

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Why these techniques?

An RCE vulnerability in a public-facing CMS web application, exploitable by an authenticated administrator to overwrite a PHP file and execute arbitrary code.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0
