
48 matches found

RedhatCVE
added 2025/12/17 10:3 a.m. | 1 views

CVE-2025-68082

Cross-Site Request Forgery (CSRF) vulnerability in SEMrush CY LTD Semrush Content Toolkit (semrush-contentshake) allows Cross Site Request Forgery. This issue affects Semrush Content Toolkit: from n/a through <= 1.1.32...

CVSS 5.4 | AI score 6.9 | EPSS 0.00018
Exploits 0 | References 1

EUVD
added 2025/12/16 9:31 a.m. | 0 views

EUVD-2025-203537

Cross-Site Request Forgery (CSRF) vulnerability in SEMrush CY LTD Semrush Content Toolkit (semrush-contentshake) allows Cross Site Request Forgery. This issue affects Semrush Content Toolkit: from n/a through <= 1.1.32...

AI score 6.3 | EPSS 0.00018
Exploits 0 | References 2

NVD
added 2025/12/16 9:16 a.m. | 3 views

CVE-2025-68082

Cross-Site Request Forgery (CSRF) vulnerability in SEMrush CY LTD Semrush Content Toolkit (semrush-contentshake) allows Cross Site Request Forgery. This issue affects Semrush Content Toolkit: from n/a through <= 1.1.32...

CVSS 5.4 | EPSS 0.00018
Exploits 0 | References 1

Vulnrichment
added 2025/12/16 8:13 a.m. | 2 views

CVE-2025-68082 WordPress Semrush Content Toolkit plugin <= 1.1.32 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in SEMrush CY LTD Semrush Content Toolkit (semrush-contentshake) allows Cross Site Request Forgery. This issue affects Semrush Content Toolkit: from n/a through <= 1.1.32...

CVSS 5.4 | AI score 6.5 | EPSS 0.00018
Exploits 0 | References 1

CVE
added 2025/12/16 8:13 a.m. | 4 views

CVE-2025-68082

Technical details for CVE-2025-68082 (Semrush Content Toolkit CSRF in semrush-contentshake

CVSS 5.4 | AI score 6.5 | EPSS 0.00018
Exploits 0 | References 1

Cvelist
added 2025/12/16 8:13 a.m. | 27 views

CVE-2025-68082 WordPress Semrush Content Toolkit plugin <= 1.1.32 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in SEMrush CY LTD Semrush Content Toolkit (semrush-contentshake) allows Cross Site Request Forgery. This issue affects Semrush Content Toolkit: from n/a through <= 1.1.32...

CVSS 5.4 | EPSS 0.00018
Exploits 0 | References 1

CNNVD
added 2025/12/16 12:0 a.m. | 2 views

WordPress plugin Semrush Content Toolkit cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A cross-site request...

CVSS 5.4 | AI score 6.6 | EPSS 0.00018
Exploits 0 | References 1

Positive Technologies
added 2025/12/16 12:0 a.m. | 1 views

PT-2025-51461

Cross-Site Request Forgery (CSRF) vulnerability in SEMrush CY LTD Semrush Content Toolkit (semrush-contentshake) allows Cross Site Request Forgery. This issue affects Semrush Content Toolkit: from n/a through <= 1.1.32...

CVSS 5.4 | AI score 6.9 | EPSS 0.00018
Exploits 0 | References 3

Patchstack
added 2025/12/15 1:30 p.m. | 2 views

WordPress Semrush Content Toolkit plugin <= 1.1.32 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery (CSRF) vulnerability discovered by Nabil Irawan in WordPress Plugin Semrush Content Toolkit versions <= 1.1.32...

CVSS 5.4 | AI score 7 | EPSS 0.00018
Exploits 0 | Affected Software 1

OSV
added 2025/08/14 6:52 p.m. | 2 views

MAL-2025-7735 Malicious code in @crimson-team/semrush-auth (npm)

The package @crimson-team/semrush-auth was found to contain malicious code...

AI score 7.2
Exploits 0

OSSF Malicious Packages
added 2025/08/14 6:52 p.m. | 2 views

Malicious code in @crimson-team/semrush-auth (npm)

The package @crimson-team/semrush-auth was found to contain malicious code...

AI score 7
Exploits 0

Malwarebytes
added 2025/03/24 8:22 a.m. | 19 views

A week in security (March 17 – March 23)

Last week on Malwarebytes Labs: What Google Chrome knows about you, with Carey Parker Lock and Code S06E06; Personal data revealed in released JFK files; Semrush impersonation scam hits Google Ads; Targeted spyware and why it’s a concern to us; The "free money" trap: How scammers exploit financial...

AI score 7.2
Exploits 0

Malwarebytes
added 2025/03/20 6:4 p.m. | 33 views

Semrush impersonation scam hits Google Ads

This blog post was co-authored with Elie Berreby, Senior SEO Strategist. Criminals are highly interested in online marketing and advertising tools that they can leverage as part of their ongoing malware campaigns. In particular, we have previously detailed how Google advertiser accounts can be...

AI score 6.4
Exploits 0

Hacker One
added 2023/07/20 5:50 p.m. | 12 views

Semrush: Lack of sanitization of the billing address in pdf invoice

A vulnerability in the invoice PDF generation allowed HTML code injection due to insufficient sanitization of billing address data. An internal review found no evidence of exploitation...

AI score 7.3
Exploits 0

Snyk
added 2023/01/29 3:29 p.m. | 2 views

Malicious Package

Overview: semrush-help-menu is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package...

CVSS 9.8 | AI score 7.1
Exploits 0 | References 3

Snyk
added 2023/01/29 3:29 p.m. | 1 views

Malicious Package

Overview: semrush-sso-extended is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

CVSS 9.8 | AI score 7.1
Exploits 0 | References 3

Hacker One
added 2022/11/11 2:12 a.m. | 14 views

Semrush: IDOR vulnerability reveals additional information

An issue was identified in the Content Outline Builder product. Changing a user ID in a GraphQL request could reveal additional information about users. A subsequent internal review revealed no evidence of exploitation by unauthorized parties...

AI score 6.7
Exploits 0

Hacker One
added 2022/09/29 9:13 p.m. | 11 views

Semrush: Exposure of service tokens to webpack bundle

Service tokens were exposed in a webpack bundle during the build process due to environment variables being accidentally included in the webpack configuration file. A review found no evidence the exposed tokens were used by unauthorized parties...

AI score 7
Exploits 0

Hacker One
added 2022/01/29 7:28 p.m. | 19 views

Semrush: IDOR allowing to read another user's token on the Social Media Ads service

The hotfix was released asap. The investigation showed that there were no cases of vulnerability exploitation. Social Media Ads is a tool for dedicated paid social specialists working with ads. The tool needs to interact with the user's social network account. To do this, Semrush collects a token...

AI score 6.7
Exploits 0

Hacker One
added 2021/06/07 12:52 a.m. | 17 views

Semrush: API key (api.semrush.com) leak in JS-file

The researcher found a JavaScript file with an API token that allowed to get internal statistics. When you access a page not found on the application, the source code of the page contains a portion of code that lists a lot of JavaScript files. Some of these JavaScript files correspond to the Semru...

AI score 7
Exploits 0