CVE-2025-6721
BaseFortify
Publication date: 2025-07-19
Last updated on: 2025-07-22
Assigner: Wordfence
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wordpress | vchasno_kasa_plugin | 1.0.3 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Vchasno Kasa WordPress plugin (up to version 1.0.3) due to a missing capability check in the function mrkv_vchasno_kasa_wc_do_metabox_action(). Because of this, unauthenticated attackers can exploit the plugin to generate invoices for arbitrary orders without proper authorization.
How can this vulnerability impact me? :
The vulnerability allows unauthenticated attackers to generate invoices for any orders, potentially leading to unauthorized access to order-related data and manipulation of invoice generation. This could result in fraudulent invoice creation and misuse of order information.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves identifying if the vulnerable Vchasno Kasa WordPress plugin (version 1.0.3 or earlier) is installed and active on your WordPress site. Since the vulnerability allows unauthenticated attackers to generate invoices via the mrkv_vchasno_kasa_wc_do_metabox_action() function, monitoring for unexpected invoice creation actions or unauthorized access attempts to related AJAX or admin endpoints could help detect exploitation attempts. Specific commands to detect the plugin version include: 1) Using WP-CLI to list installed plugins and their versions: `wp plugin list --format=json` and check for 'mrkv-vchasno-kasa' plugin version <= 1.0.3. 2) Searching web server logs for suspicious POST requests to endpoints related to the plugin or WooCommerce order actions that trigger invoice creation. 3) Using curl or wget to test if the invoice creation action can be triggered without authentication (only in a safe test environment). [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include: 1) Updating the Vchasno Kasa plugin to a version later than 1.0.3 where the missing capability check is fixed. 2) If an update is not yet available, restrict access to the plugin's invoice creation functionality by limiting access to authenticated and authorized users only, for example by applying web server access controls or WordPress capability checks. 3) Monitor and audit WooCommerce order actions and logs for unauthorized invoice creation attempts. 4) Disable or remove the plugin temporarily if the risk is high and no patch is available. 5) Ensure WordPress and WooCommerce installations are up to date and secure to reduce attack surface. [1]