CVE-2025-6814
BaseFortify
Publication date: 2025-07-04
Last updated on: 2025-07-08
Assigner: Wordfence
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in the Booking X WordPress plugin (versions 1.0 to 1.1.2) is due to a missing capability check on the export_now() function. This flaw allows unauthenticated attackers to send a crafted POST request that lets them download all plugin data without authorization. The exposed data includes user accounts, user meta information, and PayPal credentials.
How can this vulnerability impact me?
This vulnerability can lead to unauthorized disclosure of sensitive data such as user accounts, user metadata, and PayPal credentials. An attacker exploiting this flaw could gain access to private user information and payment details, potentially leading to identity theft, financial fraud, and loss of trust in the affected website.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This vulnerability could cause non-compliance with data protection regulations such as GDPR and HIPAA because it allows unauthorized access to sensitive personal and payment data. Such a data breach may violate requirements for protecting user information, potentially resulting in legal penalties, mandatory breach notifications, and reputational damage.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for unauthorized or unusual POST requests targeting the export_now() function of the Booking X plugin. Specifically, look for POST requests to the plugin's export endpoint that do not require authentication but still result in a data export. A practical detection method is to use network monitoring or web server logs to identify such requests, for example with command-line tools such as curl to test the endpoint or grep to search logs for suspicious POST requests to the export functionality. Example commands:
1) curl -X POST https://yourwordpresssite.com/wp-admin/admin-ajax.php?action=export_now -I
2) grep 'POST.*export_now' /var/log/apache2/access.log
3) Use intrusion detection systems to alert on unauthenticated POST requests to this endpoint.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include:
1) Disable or uninstall the Booking X plugin, versions 1.0 to 1.1.2, as the plugin was closed and removed from distribution as of July 1, 2025.
2) Restrict access to the export_now() function endpoint by implementing authentication or IP restrictions at the web server or application firewall level.
3) Monitor and block suspicious POST requests targeting the export functionality.
4) Update the plugin to a patched version once available or replace it with a secure alternative.
Since the plugin is no longer available for download and pending review, removing it is the safest immediate action. [1]
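To make the CWE-862 pattern described in the explanation above concrete, and to show the code-level fix that mitigation step 4 depends on, here is an added PHP illustration of a WordPress AJAX export handler before and after an authorization check. This is not the Booking X plugin's code: the function names, the nonce action and the data-gathering helper are hypothetical, and the `export_now` hook name is taken only from the endpoint quoted in the detection answer.

```php
<?php
// Added illustration, not Booking X's own code. Function names, the nonce
// action and bx_collect_export_data() are hypothetical; the WordPress API
// calls (current_user_can, check_ajax_referer, wp_send_json_*) are real.

// BEFORE (the missing-authorization pattern, CWE-862): the handler never
// asks who the caller is. Hooking it on 'wp_ajax_nopriv_*' as well exposes
// it to logged-out visitors, so a single crafted POST returns everything.
function bx_export_now_vulnerable() {
    $data = bx_collect_export_data();   // users, usermeta, gateway settings
    wp_send_json( $data );              // sent to anyone who asks; then exits
}
// A vulnerable plugin would register it like this (left commented out so
// only the hardened handler below is actually hooked in this file):
// add_action( 'wp_ajax_export_now',        'bx_export_now_vulnerable' );
// add_action( 'wp_ajax_nopriv_export_now', 'bx_export_now_vulnerable' );

// AFTER: authorization first, then CSRF protection, and no nopriv hook.
function bx_export_now_hardened() {
    // 1. Capability check: only users allowed to manage the site may export.
    //    wp_send_json_error() calls wp_die(), so execution stops here.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Forbidden' ), 403 );
    }
    // 2. Nonce check so an administrator cannot be tricked into triggering
    //    the export via CSRF. 'bx_export_nonce' is a hypothetical action name;
    //    the nonce is expected in the 'nonce' request field.
    check_ajax_referer( 'bx_export_nonce', 'nonce' );

    $data = bx_collect_export_data();
    wp_send_json_success( $data );
}
add_action( 'wp_ajax_export_now', 'bx_export_now_hardened' );
// Deliberately NO add_action( 'wp_ajax_nopriv_export_now', ... ):
// unauthenticated requests to admin-ajax.php?action=export_now now get
// WordPress's default "0" response instead of the plugin's data.

// Stand-in for the plugin's data gathering so this file parses on its own.
function bx_collect_export_data() {
    return array(
        'users'    => array(),
        'usermeta' => array(),
        'settings' => array(),
    );
}
```

The same two checks (a capability test plus a nonce) are what a plugin author adds to close CWE-862 in any admin-ajax or REST handler; a WAF rule blocking unauthenticated POSTs to the endpoint is only a stopgap until such a fix ships.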