CVE-2025-28984
BaseFortify
Publication date: 2025-06-06
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Exploitability
| CWE ID | Description |
|---|---|
| CWE-352 | The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Cross-Site Request Forgery (CSRF) issue in the Subscription Renewal Reminders for WooCommerce plugin (versions up to 1.3.7). It allows an attacker to trick authenticated users with higher privileges into performing unwanted actions within the plugin without their consent. Essentially, the attacker can cause these users to execute operations they did not intend, potentially leading to unauthorized changes or actions. [1]
How can this vulnerability impact me?
The impact of this vulnerability is considered low severity with a CVSS score of 4.3. An attacker can exploit it without authentication by tricking privileged users into executing unwanted actions, which could lead to unauthorized operations within the plugin. However, exploitation is unlikely and no direct data confidentiality or availability impact is expected. Users should monitor for updates and consider virtual patching to mitigate risk. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
There are no specific detection commands or network indicators provided for this vulnerability. Detection would generally involve monitoring for unauthorized or unexpected actions performed by authenticated users within the Subscription Renewal Reminders for WooCommerce plugin. Since the vulnerability is a CSRF issue, typical detection might include reviewing web server logs for suspicious POST requests or unusual user activity, but no explicit commands or signatures are given. [1]
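The log review the answer above describes, written out as an added example that is not from the BaseFortify page or from Patchstack: a small Python heuristic over constructed combined-format web server log lines that flags POSTs to WordPress admin endpoints whose Referer is missing or comes from another origin, which is the request pattern a CSRF lure produces. The site host, the admin endpoints and the `action=srr_save` query string are assumed placeholders; the page names no endpoint for this plugin.

```python
import re
from urllib.parse import urlparse

# Assumptions: the shop's own host and the WordPress endpoints that take
# state-changing POSTs. The page does not name the plugin's actual endpoint.
SITE_HOST = "shop.example.test"
ADMIN_ENDPOINTS = ("/wp-admin/admin-post.php", "/wp-admin/admin-ajax.php")

# Constructed sample log (Apache/nginx "combined" format, Referer in the 2nd quoted field).
SAMPLE_LOG = """\
203.0.113.10 - - [06/Jun/2025:10:01:02 +0000] "POST /wp-admin/admin-post.php?action=srr_save HTTP/1.1" 302 0 "https://shop.example.test/wp-admin/admin.php?page=srr" "Mozilla/5.0"
203.0.113.10 - - [06/Jun/2025:10:02:15 +0000] "POST /wp-admin/admin-post.php?action=srr_save HTTP/1.1" 302 0 "https://evil.example.net/lure.html" "Mozilla/5.0"
203.0.113.11 - - [06/Jun/2025:10:03:40 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 27 "-" "Mozilla/5.0"
203.0.113.12 - - [06/Jun/2025:10:04:01 +0000] "GET /wp-admin/admin.php?page=srr HTTP/1.1" 200 4096 "https://shop.example.test/wp-admin/" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)


def classify(line):
    """Return (ip, path, verdict, reason) for a POST to an admin endpoint, else None."""
    m = LOG_RE.match(line)
    if not m or m["method"] != "POST":
        return None
    path = m["path"].split("?", 1)[0]
    if path not in ADMIN_ENDPOINTS:
        return None
    ref = m["referer"]
    if ref in ("", "-"):
        # Browsers and privacy extensions strip Referer legitimately: review, do not block.
        return (m["ip"], path, "review", "admin POST with no Referer")
    host = urlparse(ref).hostname
    if host != SITE_HOST:
        # A state-changing admin request arriving from another origin is the CSRF pattern.
        return (m["ip"], path, "suspect", f"cross-origin Referer {host}")
    return (m["ip"], path, "ok", "same-origin Referer")


def scan(log_text):
    """Collect every admin POST that is not a clean same-origin request."""
    results = (classify(line) for line in log_text.splitlines())
    return [r for r in results if r and r[2] != "ok"]


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The Origin header is not in the default combined format, so the check relies on Referer; treat "review" hits as triage material rather than incidents.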
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying virtual patching (vPatch) offered by Patchstack to provide automatic protection in the absence of an official fix. Users should monitor for updates from the plugin developer, consider professional incident response if compromise is suspected, and limit exposure by restricting access to higher privileged users where possible. [1]