CVE-2025-30357: NamelessMC Forum Topic Deletion Triggered by Unrelated User Deletion
First published: Fri Apr 18 2025(Updated: )
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, if a malicious user is leaving spam comments on many topics then an administrator, unable to manually remove each spam comment, may delete the malicious account. Once an administrator deletes the malicious user's account, all their posts (comments) along with the associated topics (by unrelated users) will be marked as deleted. This issue has been patched in version 2.2.0.
Credit: security-advisories@github.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NamelessMC | <2.2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-30357?
CVE-2025-30357 is classified as a moderate vulnerability affecting NamelessMC versions 2.1.4 and prior.
How do I fix CVE-2025-30357?
To fix CVE-2025-30357, upgrade to NamelessMC version 2.2.0 or later.
What does CVE-2025-30357 affect?
CVE-2025-30357 affects the NamelessMC website software used for managing Minecraft servers.
What kind of attack does CVE-2025-30357 enable?
CVE-2025-30357 potentially allows malicious users to flood topics with spam comments, complicating their removal.
Is there a patch available for CVE-2025-30357?
Yes, a patch is available in NamelessMC version 2.2.0 which addresses CVE-2025-30357.
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/title
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/severity
- agent/author
- agent/tags
- agent/source
- agent/event
- vendor/namelessmc
- canonical/namelessmc