Common Weakness Enumeration

CWE-862

Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

CVE-2025-14034 (GCVE-0-2025-14034)

Vulnerability from cvelistv5 – Published: 2026-01-06 03:21 – Updated: 2026-04-08 17:30
VLAI
Title
ilGhera Support System for WooCommerce <= 1.2.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Ticket Deletion
Summary
The ilGhera Support System for WooCommerce plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'delete_single_ticket_callback' and 'change_ticket_status_callback' functions in all versions up to, and including, 1.2.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary support tickets and modify their status.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
ghera74 ilGhera Support System for WooCommerce Affected: 0 , ≤ 1.2.6 (semver)
Create a notification for this product.
Credits
Md. Moniruzzaman Prodhan
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-14034",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-06T15:00:33.815916Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-06T15:00:50.502Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ilGhera Support System for WooCommerce",
          "vendor": "ghera74",
          "versions": [
            {
              "lessThanOrEqual": "1.2.6",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Md. Moniruzzaman Prodhan"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The ilGhera Support System for WooCommerce plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the \u0027delete_single_ticket_callback\u0027 and \u0027change_ticket_status_callback\u0027 functions in all versions up to, and including, 1.2.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary support tickets and modify their status."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862 Missing Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T17:30:21.336Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e74fb552-3ef4-47cd-8fe6-8cc1e74b8377?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/wc-support-system/trunk/includes/class-wc-support-system.php#L1331"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/wc-support-system/tags/1.2.6/includes/class-wc-support-system.php#L1331"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/wc-support-system/trunk/includes/class-wc-support-system.php#L865"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/wc-support-system/tags/1.2.6/includes/class-wc-support-system.php#L865"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3426161%40wc-support-system\u0026new=3426161%40wc-support-system\u0026sfp_email=\u0026sfph_mail="
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-12-12T18:27:32.000Z",
          "value": "Vendor Notified"
        },
        {
          "lang": "en",
          "time": "2026-01-05T15:05:40.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "ilGhera Support System for WooCommerce \u003c= 1.2.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Ticket Deletion"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2025-14034",
    "datePublished": "2026-01-06T03:21:40.731Z",
    "dateReserved": "2025-12-04T15:03:56.626Z",
    "dateUpdated": "2026-04-08T17:30:21.336Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-14038 (GCVE-0-2025-14038)

Vulnerability from cvelistv5 – Published: 2025-12-15 18:02 – Updated: 2025-12-15 19:01
VLAI
Summary
EDB Hybrid Manager contains a flaw that allows an unauthenticated attacker to directly access certain gRPC endpoints. This could allow an attacker to read potentially sensitive data or possibly cause a denial-of-service by writing malformed data to certain gRPC endpoints. This flaw has been remediated in EDB Hybrid Manager 1.3.3, and customers should consider upgrading to 1.3.3 as soon as possible. The flaw is due to a misconfiguration in the Istio Gateway, which manages authentication and authorization for the affected endpoints. The security policy relies on an explicit definition of required permissions in the Istio Gateway configuration, and the affected endpoints were not defined in the configuration. This allowed requests to bypass both authentication and authorization within a Hybrid Manager service. All versions of Hybrid Manager - LTS should be upgraded to 1.3.3, and all versions of Hybrid Manager - Innovation should be upgraded to 2025.12.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-862 - Missing Authorization
  • CWE-306 - Missing Authentication for Critical Function
Assigner
EDB
Impacted products
Vendor Product Version
EnterpriseDB Hybrid Manager - LTS Affected: 1.3 , < 1.3.3 (semver)
Affected: 1.2 (semver)
Create a notification for this product.
EnterpriseDB Hybrid Manager - Innovation Affected: 2025 , < 2025.12 (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-14038",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-15T19:01:41.820963Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-15T19:01:52.793Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Hybrid Manager - LTS",
          "vendor": "EnterpriseDB",
          "versions": [
            {
              "lessThan": "1.3.3",
              "status": "affected",
              "version": "1.3",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "1.2",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Hybrid Manager - Innovation",
          "vendor": "EnterpriseDB",
          "versions": [
            {
              "lessThan": "2025.12",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "EDB Hybrid Manager contains a flaw that allows an unauthenticated attacker to directly access certain gRPC endpoints. This could allow an attacker to read potentially sensitive data or possibly cause a denial-of-service by writing malformed data to certain gRPC endpoints. This flaw has been remediated in EDB Hybrid Manager 1.3.3, and customers should consider upgrading to 1.3.3 as soon as possible.\nThe flaw is due to a misconfiguration in the Istio Gateway, which manages authentication and authorization for the affected endpoints. The security policy relies on an explicit definition of required permissions in the Istio Gateway configuration, and the affected endpoints were not defined in the configuration. This allowed requests to bypass both authentication and authorization within a Hybrid Manager service.\nAll versions of Hybrid Manager - LTS should be upgraded to 1.3.3, and all versions of Hybrid Manager - Innovation should be upgraded to 2025.12."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862 Missing Authorization",
              "lang": "en",
              "type": "CWE"
            },
            {
              "cweId": "CWE-306",
              "description": "CWE-306 Missing Authentication for Critical Function",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-15T18:02:01.294Z",
        "orgId": "20be33e2-bf35-4d13-8fad-18bd2f3e3659",
        "shortName": "EDB"
      },
      "references": [
        {
          "url": "https://www.enterprisedb.com/docs/security/advisories/cve202514038/"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "20be33e2-bf35-4d13-8fad-18bd2f3e3659",
    "assignerShortName": "EDB",
    "cveId": "CVE-2025-14038",
    "datePublished": "2025-12-15T18:02:01.294Z",
    "dateReserved": "2025-12-04T15:37:36.286Z",
    "dateUpdated": "2025-12-15T19:01:52.793Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-1404 (GCVE-0-2025-1404)

Vulnerability from cvelistv5 – Published: 2025-03-01 11:22 – Updated: 2026-04-08 17:00
VLAI
Title
Secure Copy Content Protection and Content Locking <= 4.4.7 - Missing Authorization to Unauthenticated User Email Retrieval via ays_sccp_reports_user_search Function
Summary
The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ays_sccp_reports_user_search() function in all versions up to, and including, 4.4.7. This makes it possible for unauthenticated attackers to retrieve a list of registered user emails.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Credits
Krzysztof Zając
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-1404",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-03T20:54:44.742934Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-03T20:56:03.895Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Secure Copy Content Protection and Content Locking",
          "vendor": "ays-pro",
          "versions": [
            {
              "lessThanOrEqual": "4.4.7",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Krzysztof Zaj\u0105c"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ays_sccp_reports_user_search() function in all versions up to, and including, 4.4.7. This makes it possible for unauthenticated attackers to retrieve a list of registered user emails."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862 Missing Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T17:00:56.504Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7363b5de-db30-4b35-b701-5c8f2835ec6c?source=cve"
        },
        {
          "url": "https://wordpress.org/plugins/secure-copy-content-protection/#developers"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/secure-copy-content-protection/tags/4.4.6/admin/class-secure-copy-content-protection-admin.php#L943"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/secure-copy-content-protection/tags/4.4.6/admin/js/secure-copy-content-protection-admin.js"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset/3246301"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-28T22:01:07.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "Secure Copy Content Protection and Content Locking \u003c= 4.4.7 - Missing Authorization to Unauthenticated User Email Retrieval via ays_sccp_reports_user_search Function"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2025-1404",
    "datePublished": "2025-03-01T11:22:48.111Z",
    "dateReserved": "2025-02-17T20:28:28.345Z",
    "dateUpdated": "2026-04-08T17:00:56.504Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-14043 (GCVE-0-2025-14043)

Vulnerability from cvelistv5 – Published: 2025-12-21 02:20 – Updated: 2026-04-08 16:53
VLAI
Title
Tainacan <= 1.0.1 - Missing Authorization to Unauthenticated Arbitrary Metadata Section Creation
Summary
The Tainacan plugin for WordPress is vulnerable to unauthorized metadata section creation due to missing authorization checks in all versions up to, and including, 1.0.1. This is due to the `create_item_permissions_check()` function unconditionally returning true, which bypasses authentication and authorization validation. This makes it possible for unauthenticated attackers to create arbitrary metadata sections for any collection via the public REST API granted they can access the WordPress site.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
tainacan Tainacan Affected: 0 , ≤ 1.0.1 (semver)
Create a notification for this product.
Credits
Deadbee
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-14043",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-22T20:21:47.820875Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-22T20:21:59.445Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Tainacan",
          "vendor": "tainacan",
          "versions": [
            {
              "lessThanOrEqual": "1.0.1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Deadbee"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Tainacan plugin for WordPress is vulnerable to unauthorized metadata section creation due to missing authorization checks in all versions up to, and including, 1.0.1. This is due to the `create_item_permissions_check()` function unconditionally returning true, which bypasses authentication and authorization validation. This makes it possible for unauthenticated attackers to create arbitrary metadata sections for any collection via the public REST API granted they can access the WordPress site."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862 Missing Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T16:53:31.704Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5596a0f0-6bfe-4c6e-a0d6-117e13117098?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/tainacan/trunk/classes/api/endpoints/class-tainacan-rest-metadata-sections-controller.php#L363"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/tainacan/tags/1.0.1/classes/api/endpoints/class-tainacan-rest-metadata-sections-controller.php#L363"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-12-04T16:29:37.000Z",
          "value": "Vendor Notified"
        },
        {
          "lang": "en",
          "time": "2025-12-20T14:07:06.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "Tainacan \u003c= 1.0.1 - Missing Authorization to Unauthenticated Arbitrary Metadata Section Creation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2025-14043",
    "datePublished": "2025-12-21T02:20:32.422Z",
    "dateReserved": "2025-12-04T16:14:29.071Z",
    "dateUpdated": "2026-04-08T16:53:31.704Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-14045 (GCVE-0-2025-14045)

Vulnerability from cvelistv5 – Published: 2025-12-12 03:20 – Updated: 2026-04-08 16:54
VLAI
Title
URL Media Uploader <= 1.0.1 - Missing Authorization to Authenticated (Contributor+) Safe File Upload
Summary
The URL Media Uploader plugin for WordPress is vulnerable to unauthorized safe file uploads due to a missing capability check on the url_media_uploader_url_upload_ajax_handler() function in all versions up to, and including, 1.0.1. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload safe media files.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
apprhyme URL Media Uploader Affected: 0 , ≤ 1.0.1 (semver)
Create a notification for this product.
Credits
jason carle
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-14045",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-15T18:06:29.614890Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-15T18:15:51.629Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://gist.github.com/jasoncarle/925401bb11833b1ced2342390e20718e"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "URL Media Uploader",
          "vendor": "apprhyme",
          "versions": [
            {
              "lessThanOrEqual": "1.0.1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "jason carle"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The URL Media Uploader plugin for WordPress is vulnerable to unauthorized safe file uploads due to a missing capability check on the url_media_uploader_url_upload_ajax_handler() function in all versions up to, and including, 1.0.1. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload safe media files."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862 Missing Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T16:54:30.863Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/57f09da9-0d2c-45db-b3ed-19a7c9f5a001?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/url-media-uploader/trunk/url-media-uploader.php#L52"
        },
        {
          "url": "https://gist.github.com/jasoncarle/925401bb11833b1ced2342390e20718e"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/url-media-uploader/tags/1.0.1/url-media-uploader.php#L52"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-12-11T14:28:59.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "URL Media Uploader \u003c= 1.0.1 - Missing Authorization to Authenticated (Contributor+) Safe File Upload"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2025-14045",
    "datePublished": "2025-12-12T03:20:44.837Z",
    "dateReserved": "2025-12-04T16:19:35.756Z",
    "dateUpdated": "2026-04-08T16:54:30.863Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-14047 (GCVE-0-2025-14047)

Vulnerability from cvelistv5 – Published: 2026-01-02 01:48 – Updated: 2026-04-08 16:59
VLAI
Title
WP User Frontend <= 4.2.4 - Missing Authorization to Unauthenticated Arbitrary Attachment Deletion
Summary
The Registration, User Profile, Membership, Content Restriction, User Directory, and Frontend Post Submission – WP User Frontend plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'Frontend_Form_Ajax::submit_post' function in all versions up to, and including, 4.2.4. This makes it possible for unauthenticated attackers to delete attachment.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Credits
Angus Girvan
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-14047",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-05T20:32:35.198196Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-05T20:39:40.539Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership \u0026 User Registration",
          "vendor": "wedevs",
          "versions": [
            {
              "lessThanOrEqual": "4.2.4",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Angus Girvan"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Registration, User Profile, Membership, Content Restriction, User Directory, and Frontend Post Submission \u2013 WP User Frontend plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the \u0027Frontend_Form_Ajax::submit_post\u0027 function in all versions up to, and including, 4.2.4. This makes it possible for unauthenticated attackers to delete attachment."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862 Missing Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T16:59:43.442Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6e95b16f-a25a-45c7-a875-2d34a1e127ce?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset/3430352/wp-user-frontend/trunk/includes/Ajax/Frontend_Form_Ajax.php"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/wp-user-frontend/tags/4.2.2/includes/Ajax.php#L25"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/wp-user-frontend/tags/4.2.2/includes/Ajax.php#L69"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/wp-user-frontend/tags/4.2.2/includes/Ajax/Frontend_Form_Ajax.php#L35"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/wp-user-frontend/tags/4.2.2/includes/Ajax/Frontend_Form_Ajax.php#L55"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/wp-user-frontend/tags/4.2.2/includes/Ajax/Frontend_Form_Ajax.php#L133"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-12-18T17:47:15.000Z",
          "value": "Vendor Notified"
        },
        {
          "lang": "en",
          "time": "2026-01-01T13:23:01.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "WP User Frontend \u003c= 4.2.4 - Missing Authorization to Unauthenticated Arbitrary Attachment Deletion"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2025-14047",
    "datePublished": "2026-01-02T01:48:19.898Z",
    "dateReserved": "2025-12-04T16:37:13.476Z",
    "dateUpdated": "2026-04-08T16:59:43.442Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-14061 (GCVE-0-2025-14061)

Vulnerability from cvelistv5 – Published: 2025-12-17 06:36 – Updated: 2026-04-08 17:04
VLAI
Title
Cookie Banner, Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) : WP Cookie Consent <= 4.0.7 - Missing Authorization to Unauthenticated Arbitrary Post Deletion
Summary
The Cookie Banner, Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) : WP Cookie Consent plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the gdpr_delete_policy_data function in all versions up to, and including, 4.0.7. This makes it possible for unauthenticated attackers to permanently delete arbitrary posts, pages, attachments, and other post types by ID.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Credits
Angus Girvan
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-14061",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-17T21:34:21.038254Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-17T21:34:33.478Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Cookie Banner for GDPR / CCPA \u2013 WPLP Cookie Consent",
          "vendor": "wplegalpages",
          "versions": [
            {
              "lessThanOrEqual": "4.0.7",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Angus Girvan"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Cookie Banner, Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA \u0026 ePrivacy) : WP Cookie Consent plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the gdpr_delete_policy_data function in all versions up to, and including, 4.0.7. This makes it possible for unauthenticated attackers to permanently delete arbitrary posts, pages, attachments, and other post types by ID."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862 Missing Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T17:04:48.101Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/866b4ca8-563f-4a19-bbf7-79a79f07d53d?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/gdpr-cookie-consent/tags/4.0.6/admin/class-gdpr-cookie-consent-admin.php#L8091"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/gdpr-cookie-consent/tags/4.0.6/admin/class-gdpr-cookie-consent-admin.php#L8878"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-12-16T17:48:32.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "Cookie Banner, Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA \u0026 ePrivacy) : WP Cookie Consent \u003c= 4.0.7 - Missing Authorization to Unauthenticated Arbitrary Post Deletion"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2025-14061",
    "datePublished": "2025-12-17T06:36:58.873Z",
    "dateReserved": "2025-12-04T20:05:20.864Z",
    "dateUpdated": "2026-04-08T17:04:48.101Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-14064 (GCVE-0-2025-14064)

Vulnerability from cvelistv5 – Published: 2025-12-12 03:20 – Updated: 2026-04-08 16:35
VLAI
Title
BuddyTask <= 1.3.0 - Missing Authorization to Authenticated (Subscriber+) Cross-Group Task Board Access and Manipulation
Summary
The BuddyTask plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on multiple AJAX endpoints in all versions up to, and including, 1.3.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view, create, modify, and delete task boards belonging to any BuddyPress group, including private and hidden groups they are not members of.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
cytechltd BuddyTask Affected: 0 , ≤ 1.3.0 (semver)
Create a notification for this product.
Credits
Itthidej Aramsri
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-14064",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-15T18:08:31.831947Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-15T18:17:09.131Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "BuddyTask",
          "vendor": "cytechltd",
          "versions": [
            {
              "lessThanOrEqual": "1.3.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Itthidej Aramsri"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The BuddyTask plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on multiple AJAX endpoints in all versions up to, and including, 1.3.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view, create, modify, and delete task boards belonging to any BuddyPress group, including private and hidden groups they are not members of."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862 Missing Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T16:35:22.365Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0dfe0947-5790-49ba-aa3d-6bc61c12b355?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/buddytask/trunk/buddytask.php#L458"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/buddytask/trunk/buddytask.php#L666"
        },
        {
          "url": "https://cwe.mitre.org/data/definitions/862.html"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/buddytask/tags/1.3.0/buddytask.php#L458"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/buddytask/trunk/buddytask.php#L763"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/buddytask/trunk/buddytask.php#L840"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset/3416754/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-12-11T14:24:56.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "BuddyTask \u003c= 1.3.0 - Missing Authorization to Authenticated (Subscriber+) Cross-Group Task Board Access and Manipulation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2025-14064",
    "datePublished": "2025-12-12T03:20:39.570Z",
    "dateReserved": "2025-12-04T20:57:24.683Z",
    "dateUpdated": "2026-04-08T16:35:22.365Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-14065 (GCVE-0-2025-14065)

Vulnerability from cvelistv5 – Published: 2025-12-12 11:15 – Updated: 2026-04-08 16:33
VLAI
Title
Simple Bike Rental <= 1.0.6 - Missing Authorization to Authenticated (Subscriber+) Sensitive Booking Data Exposure
Summary
The Simple Bike Rental plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'simpbire_carica_prenotazioni' AJAX action in all versions up to, and including, 1.0.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve all booking records containing customers' personally identifiable information (PII), including names, email addresses, and phone numbers.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
rodolforizzo76 Simple Bike Rental Affected: 0 , ≤ 1.0.6 (semver)
Create a notification for this product.
Credits
Athiwat Tiprasaharn
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-14065",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-12T15:31:49.426900Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-12T15:31:53.789Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Simple Bike Rental",
          "vendor": "rodolforizzo76",
          "versions": [
            {
              "lessThanOrEqual": "1.0.6",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Athiwat Tiprasaharn"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Simple Bike Rental plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the \u0027simpbire_carica_prenotazioni\u0027 AJAX action in all versions up to, and including, 1.0.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve all booking records containing customers\u0027 personally identifiable information (PII), including names, email addresses, and phone numbers."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862 Missing Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T16:33:52.228Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/06f4e758-3328-4ac1-956a-cfadddd12e53?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/simple-bike-rental/trunk/includes/ajax.php#L137"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/simple-bike-rental/tags/1.0.5/includes/ajax.php#L137"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset/3414692/simple-bike-rental/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-12-08T17:28:09.000Z",
          "value": "Vendor Notified"
        },
        {
          "lang": "en",
          "time": "2025-12-11T21:44:51.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "Simple Bike Rental \u003c= 1.0.6 - Missing Authorization to Authenticated (Subscriber+) Sensitive Booking Data Exposure"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2025-14065",
    "datePublished": "2025-12-12T11:15:48.880Z",
    "dateReserved": "2025-12-04T20:59:47.264Z",
    "dateUpdated": "2026-04-08T16:33:52.228Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-14067 (GCVE-0-2025-14067)

Vulnerability from cvelistv5 – Published: 2026-02-14 03:25 – Updated: 2026-04-08 17:06
VLAI
Title
Easy Form Builder <= 3.9.3 - Missing Authorization to Authenticated (Subscriber+) Sensitive Form Response Data Exposure
Summary
The Easy Form Builder plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on multiple AJAX actions in all versions up to, and including, 3.9.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve sensitive form response data, including messages, admin replies, and user information due to a logic error in the authorization check that uses AND (&&) instead of OR (||).
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Credits
Itthidej Aramsri
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-14067",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-17T15:04:22.125769Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-17T15:04:36.362Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Easy Form Builder by WhiteStudio \u2014 Drag \u0026 Drop Form Builder",
          "vendor": "hassantafreshi",
          "versions": [
            {
              "lessThanOrEqual": "3.9.3",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Itthidej Aramsri"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Easy Form Builder plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on multiple AJAX actions in all versions up to, and including, 3.9.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve sensitive form response data, including messages, admin replies, and user information due to a logic error in the authorization check that uses AND (\u0026\u0026) instead of OR (||)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862 Missing Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T17:06:39.245Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8fe397d3-68de-4358-8490-8fbafa1908ef?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/easy-form-builder/trunk/includes/admin/class-Emsfb-admin.php#L709"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/easy-form-builder/tags/3.9.0/includes/admin/class-Emsfb-admin.php#L709"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset/3422020"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-02-13T14:26:12.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "Easy Form Builder \u003c= 3.9.3 - Missing Authorization to Authenticated (Subscriber+) Sensitive Form Response Data Exposure"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2025-14067",
    "datePublished": "2026-02-14T03:25:27.883Z",
    "dateReserved": "2025-12-04T21:05:58.622Z",
    "dateUpdated": "2026-04-08T17:06:39.245Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Mitigation

Phase: Architecture and Design

Description:

  • Divide the product into anonymous, normal, privileged, and administrative areas. Reduce the attack surface by carefully mapping roles with data and functionality. Use role-based access control (RBAC) [REF-229] to enforce the roles at the appropriate boundaries.
  • Note that this approach may not protect against horizontal authorization, i.e., it will not protect a user from attacking others with the same role.
Mitigation

Phase: Architecture and Design

Description:

  • Ensure that access control checks are performed related to the business logic. These checks may be different than the access control checks that are applied to more generic resources such as files, connections, processes, memory, and database records. For example, a database may restrict access for medical records to a specific database user, but each record might only be intended to be accessible to the patient and the patient's doctor [REF-7].
Mitigation ID: MIT-4.4

Phase: Architecture and Design

Strategy: Libraries or Frameworks

Description:

  • Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
  • For example, consider using authorization frameworks such as the JAAS Authorization Framework [REF-233] and the OWASP ESAPI Access Control feature [REF-45].
Mitigation

Phase: Architecture and Design

Description:

  • For web applications, make sure that the access control mechanism is enforced correctly at the server side on every page. Users should not be able to access any unauthorized functionality or information by simply requesting direct access to that page.
  • One way to do this is to ensure that all pages containing sensitive information are not cached, and that all such pages restrict access to requests that are accompanied by an active and authenticated session token associated with a user who has the required permissions to access that page.
Mitigation

Phases: System Configuration, Installation

Description:

  • Use the access control capabilities of your operating system and server environment and define your access control lists accordingly. Use a "default deny" policy when defining these ACLs.
CAPEC-665: Exploitation of Thunderbolt Protection Flaws

An adversary leverages a firmware weakness within the Thunderbolt protocol, on a computing device to manipulate Thunderbolt controller firmware in order to exploit vulnerabilities in the implementation of authorization and verification schemes within Thunderbolt protection mechanisms. Upon gaining physical access to a target device, the adversary conducts high-level firmware manipulation of the victim Thunderbolt controller SPI (Serial Peripheral Interface) flash, through the use of a SPI Programing device and an external Thunderbolt device, typically as the target device is booting up. If successful, this allows the adversary to modify memory, subvert authentication mechanisms, spoof identities and content, and extract data and memory from the target device. Currently 7 major vulnerabilities exist within Thunderbolt protocol with 9 attack vectors as noted in the Execution Flow.

Back to CWE stats page