CVE-2025-5304
BaseFortify
Publication date: 2025-06-28
Last updated on: 2025-07-07
Assigner: Wordfence
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ptoffice | pt_project_notebooks | From 1.0.0 (inc) to 1.1.3 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in the PT Project Notebooks WordPress plugin is a Privilege Escalation issue caused by missing authorization checks in the function wpnb_pto_new_users_add(). This flaw allows unauthenticated attackers to add new users with administrator-level privileges, effectively elevating their access rights without proper permission. [2]
How can this vulnerability impact me? :
This vulnerability can have severe impacts as it allows attackers to gain administrator privileges on a WordPress site using the PT Project Notebooks plugin. With administrator access, attackers can control the entire site, modify content, install malicious code, steal sensitive data, disrupt operations, or further compromise the system. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking if the PT Project Notebooks plugin version 1.0.0 through 1.1.3 is installed on your WordPress site. Since the vulnerability involves unauthorized privilege escalation via the wpnb_pto_new_users_add() function, monitoring for suspicious AJAX requests to this endpoint or unexpected new administrator accounts being created can help detect exploitation attempts. You can use commands to list installed plugins and their versions, for example, using WP-CLI: `wp plugin list` to identify the plugin version. Additionally, inspecting web server logs for POST requests to AJAX actions related to user addition (e.g., wp-admin/admin-ajax.php?action=wpnb_pto_new_users_add) may reveal exploitation attempts. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include disabling or uninstalling the PT Project Notebooks plugin version 1.0.0 through 1.1.3, as the plugin has been temporarily closed and is unavailable for download pending a security review. Restrict access to AJAX endpoints related to user addition and management, especially those accessible to unauthenticated users. Apply strict access controls and verify nonces properly to prevent unauthorized privilege escalation. Monitor and remove any unauthorized administrator accounts created via this vulnerability. Finally, update the plugin once a patched version is released. [1, 2]