CVE-2025-47565
BaseFortify
Publication date: 2025-07-04
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-47565 is a Broken Access Control vulnerability in the WordPress EventON plugin (versions up to 4.9.9). It occurs because of missing authorization, authentication, or nonce token checks in certain functions, allowing users with low privileges (Subscriber level) to perform actions that should require higher privileges. This means unauthorized users can exploit incorrectly configured access control security levels to carry out restricted actions. [1]
How can this vulnerability impact me? :
This vulnerability can allow unprivileged users to perform unauthorized actions on your WordPress site using the EventON plugin, potentially leading to data manipulation, information disclosure, or other malicious activities. Since attackers often automate exploitation of such vulnerabilities, your site could be compromised quickly if not mitigated. It is recommended to apply the provided virtual patch and conduct professional incident response and malware scanning if compromise is suspected. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves monitoring for unauthorized actions performed by users with Subscriber-level privileges that should require higher privileges. Since the vulnerability is due to missing authorization checks in certain functions, you can look for unusual access patterns or privilege escalations in your WordPress logs. Patchstack recommends professional incident response and server-side malware scanning rather than relying solely on plugin-based malware scanners. Specific commands are not provided in the resources, but general approaches include reviewing web server access logs for suspicious requests and using malware scanning tools on the server. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying the virtual patch (vPatch) provided by Patchstack, which blocks attack attempts until an official fix is released. It is important to implement this virtual patch as soon as possible to prevent exploitation. Additionally, conducting professional incident response and performing server-side malware scanning is recommended if compromise is suspected. Avoid relying solely on plugin-based malware scanners for protection. [1]