CVE-2025-29013
BaseFortify
Publication date: 2025-06-06
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a broken access control issue in the WordPress plugin "Custom Category/Post Type Post order" up to version 1.5.9. It occurs due to missing authorization, authentication, or nonce token checks in certain functions, allowing users with low privileges (Subscriber-level) to perform actions that should require higher privileges. It is classified under OWASP Top 10 category A1: Broken Access Control. [1]
How can this vulnerability impact me? :
The vulnerability allows unprivileged users to perform unauthorized actions, potentially leading to integrity and availability impacts on the affected system. Although it has a moderate severity score (CVSS 5.4) and is considered unlikely to be exploited, attackers may automate exploitation to compromise multiple websites. If exploited, it could lead to unauthorized changes or disruptions. No official patch is available, but virtual patching is offered as a mitigation. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves monitoring for unauthorized actions performed by users with Subscriber-level privileges that should require higher privileges. Since the vulnerability is due to missing authorization checks in certain plugin functions, you can audit access logs for suspicious POST or GET requests targeting the Custom Category/Post Type Post order plugin endpoints. However, no specific detection commands are provided. It is recommended to perform server-side malware scanning and professional incident response if compromise is suspected. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying virtual patching (vPatching) provided by Patchstack, which auto-mitigates the vulnerability even without an official patch. Additionally, restrict Subscriber-level user capabilities where possible, monitor for suspicious activity, and consider professional incident response and server-side malware scanning if compromise is suspected. Since no official patch is available, relying on virtual patching and access control hardening is recommended. [1]