CVE-2025-28950
BaseFortify
Publication date: 2025-06-06
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-352 | The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Cross-Site Request Forgery (CSRF) in the WordPress Post Author plugin (up to version 1.1.1). It allows an attacker to trick authenticated users with higher privileges into performing unwanted actions on the site without their consent. This can lead to stored Cross-Site Scripting (XSS) attacks, compromising site security. The vulnerability requires no authentication to exploit and is classified under OWASP Top 10 A1: Broken Access Control. [1]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing attackers to execute unauthorized actions on your WordPress site through the Post Author plugin. This can lead to stored XSS attacks, potentially compromising the confidentiality, integrity, and availability of your site. It may result in unauthorized changes, data exposure, or site disruption. Since no official patch is available, the risk remains until mitigated by virtual patching or other protective measures. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
There are no specific detection commands provided for this vulnerability. Since it is a CSRF vulnerability in the Post Author WordPress plugin up to version 1.1.1, detection may require monitoring for unusual or unauthorized actions performed by authenticated users. Plugin-based malware scanners may be unreliable for detecting this issue. Professional incident response services are recommended if compromise is suspected. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying virtual patching (vPatching) provided by Patchstack, which offers automatic protection even without an official fix. Users should also consider restricting access to the affected plugin, monitoring for suspicious activity, and seeking professional incident response services if compromise is suspected. Since no official patch is available, virtual patching is the primary recommended mitigation. [1]