CVE-2025-49980
BaseFortify
Publication date: 2025-06-20
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Broken Access Control issue in the WordPress WP User Profile Avatar plugin (up to version 1.0.6). It occurs due to missing authorization, authentication, or nonce token checks in certain functions, which can allow users with low privileges (Subscriber-level) to perform actions that should be restricted to higher-privileged users. It is classified under OWASP Top 10 category A1: Broken Access Control and has a low severity rating with a CVSS score of 4.3. [1]
How can this vulnerability impact me? :
This vulnerability could allow unprivileged users to perform unauthorized actions within the WP User Profile Avatar plugin, potentially leading to unauthorized changes or access within the WordPress site. Although the severity is low and exploitation is considered unlikely, attackers might automate exploitation attempts. There is currently no official patch, but virtual patching is available as a mitigation. If compromise is suspected, professional incident response and malware scanning are recommended. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves checking for unauthorized actions performed by users with Subscriber-level privileges that should be restricted. Since the vulnerability arises from missing authorization checks in the WP User Profile Avatar plugin (up to version 1.0.6), monitoring WordPress logs for suspicious privilege escalations or unauthorized profile avatar changes can help. However, no specific detection commands are provided. It is recommended to use professional incident response or hosting provider assistance for malware scanning, as plugin-based scanners may be unreliable due to tampering. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying virtual patching (vPatching) offered by Patchstack, which automatically protects against this vulnerability without requiring an official patch. Additionally, users should monitor for suspicious activity and seek professional incident response or hosting provider assistance if compromise is suspected. Since no official fix or patched version is currently available, relying on virtual patching and enhanced monitoring is advised. [1]