CVE-2025-30957
BaseFortify
Publication date: 2025-06-06
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-30957 is a broken access control vulnerability in the WordPress plugin Activity Plus Reloaded for BuddyPress (versions up to 1.1.2). It occurs due to missing authorization, authentication, or nonce token checks in certain plugin functions, allowing users with low privileges (Subscriber level) to perform actions meant for higher-privileged users. This means unauthorized users can exploit the plugin to bypass intended access restrictions. [1]
How can this vulnerability impact me? :
This vulnerability can allow low-privileged users to perform unauthorized actions within the plugin, potentially leading to unauthorized changes or disruptions. Although the CVSS score is 5.4 indicating low severity and it is unlikely to be widely exploited, it still poses a risk of integrity and availability impact on the affected system. Users should monitor for updates or apply virtual patching to mitigate the risk. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection involves monitoring for unauthorized actions performed by Subscriber-level users that should require higher privileges. Since the vulnerability arises from missing authorization checks in plugin functions, you can audit web server logs for suspicious POST or GET requests to the Activity Plus Reloaded plugin endpoints originating from low-privilege accounts. Additionally, server-side malware scanning and professional incident response are recommended to detect compromise. Specific commands are not provided in the resources. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying virtual patching (vPatching) to automatically block attacks targeting this vulnerability, as no official patch is available yet. Users should monitor for updates or fixed versions of the plugin. In case of suspected compromise, conduct professional incident response and server-side malware scanning rather than relying on plugin-based malware scanners. [1]