CVE-2025-6895
BaseFortify
Publication date: 2025-07-26
Last updated on: 2025-07-29
Assigner: Wordfence
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| melapress | melapress_login_security | 2.1.0 |
| melapress | melapress_login_security | 2.1.1 |
| melapress | melapress_login_security | 2.2.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-288 | The product requires authentication, but the product has an alternate path or channel that does not require authentication. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-6895 is an authentication bypass in the Melapress Login Security WordPress plugin, versions 2.1.0 through 2.1.1. The plugin's get_valid_user_based_on_token() function resolves a user from a supplied token, which is matched against user meta, without an adequate authorization check on the result. An unauthenticated attacker who knows an arbitrary user meta value can therefore log in as the corresponding user without a password, which is the alternate authentication path described by CWE-288. The issue was fixed in version 2.2.0, a release that also bundled broader code sanitization and security improvements. [1]
How can this vulnerability impact me?
Severe: an attacker can bypass authentication entirely and take over accounts on any WordPress site running Melapress Login Security 2.1.0 or 2.1.1. Because the attacker can log in as any user whose relevant user meta value they know, including administrators, a successful exploit can expose sensitive data, allow administrative actions, or compromise the whole site. The CVSS score of 9.8 (critical) reflects high impact on confidentiality, integrity, and availability with no prior authentication required.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability undermines authentication controls, which can lead to unauthorized access to personal and sensitive data. This compromises data protection requirements under regulations like GDPR and HIPAA, which mandate strict access controls and protection of user data. Exploitation of this flaw could result in data breaches, violating compliance obligations and potentially leading to legal and financial consequences. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Start by establishing whether Melapress Login Security 2.1.0 or 2.1.1 is installed. Check the plugin version on the Plugins screen of the WordPress admin dashboard, in the plugin's header file on disk, or with WP-CLI: run `wp plugin list --status=active` and read the version shown for melapress-login-security. If it is 2.1.0 or 2.1.1, the site is vulnerable and should be updated. The resources give no network-level signature for this flaw, so detecting exploitation (as opposed to exposure) relies on log review: look for successful logins, especially to administrator accounts, that do not match those users' usual addresses, devices or times, and for any login not preceded by a failed or successful password attempt from the same client. [1]
What immediate steps should I take to mitigate this vulnerability?
Update Melapress Login Security to version 2.2.0 or later, which fixes the authentication bypass alongside other code sanitization, security improvements and bug fixes. If you cannot update immediately, deactivate the plugin until you can; this removes the bypass path, at the cost of the login hardening the plugin provides. After updating, review administrator accounts, recently created users and recent login activity for signs that the flaw was already abused, and rotate credentials for any account that looks suspicious. Strong password policies, login rate limiting and login monitoring reduce risk in general, but none of them blocks this bypass on an unpatched version, because the attack does not involve guessing a password. [1]
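As an added example (not code from the advisory, from Wordfence or from the plugin itself), the following POSIX shell script covers the detection and mitigation steps in the two answers above: it reads the Version: line from the plugin's header file, decides whether the version lies in the affected range 2.1.0 to 2.1.1 given in those answers, and, when run with --fix, updates the plugin through WP-CLI, re-reads the installed version and deactivates the plugin if it is still in range. The WordPress root (WP_PATH), the plugin's main-file path, the constructed header sample used when no install is present, and the --fix flag are assumptions.

```shell
#!/bin/sh
# Added example: is the installed Melapress Login Security in the affected
# range 2.1.0 <= v < 2.2.0 for CVE-2025-6895, and if so, remediate via WP-CLI.
# Paths below are assumptions; adjust them to your install.

WP_PATH="${WP_PATH:-/var/www/html}"
MLS_MAIN_FILE="${MLS_MAIN_FILE:-$WP_PATH/wp-content/plugins/melapress-login-security/melapress-login-security.php}"

# Constructed plugin header used when no install is found (not real plugin source).
SAMPLE_HEADER='<?php
/**
 * Plugin Name: Melapress Login Security
 * Plugin URI:  https://melapress.com/
 * Version:     2.1.1
 */'

# Read a WordPress plugin header on stdin and print the value of its Version: line.
plugin_header_version() {
  sed -n 's/^[[:space:]]*\**[[:space:]]*Version:[[:space:]]*\([0-9][0-9.]*\).*$/\1/p' | head -n 1
}

# Numeric comparison of dotted versions: prints -1, 0 or 1 (so 2.10.0 > 2.9.0).
vercmp() {
  awk -v a="$1" -v b="$2" 'BEGIN {
    na = split(a, x, "."); nb = split(b, y, ".")
    n = (na > nb) ? na : nb
    for (i = 1; i <= n; i++) {
      xi = (i <= na) ? x[i] + 0 : 0
      yi = (i <= nb) ? y[i] + 0 : 0
      if (xi < yi) { print -1; exit }
      if (xi > yi) { print 1; exit }
    }
    print 0
  }'
}

# Exit status 0 when the version is in the affected range 2.1.0 <= v < 2.2.0.
is_vulnerable() {
  [ "$(vercmp "$1" 2.1.0)" -ge 0 ] && [ "$(vercmp "$1" 2.2.0)" -lt 0 ]
}

# Version of the installed plugin, or of the constructed sample when no install exists.
installed_version() {
  if [ -f "$MLS_MAIN_FILE" ]; then
    plugin_header_version < "$MLS_MAIN_FILE"
  else
    printf '%s\n' "$SAMPLE_HEADER" | plugin_header_version
  fi
}

# Human-readable verdict for a version string.
verdict() {
  if [ -z "$1" ]; then
    echo "melapress-login-security: no Version: header found"
  elif is_vulnerable "$1"; then
    echo "melapress-login-security $1: VULNERABLE to CVE-2025-6895, update to 2.2.0 or later"
  else
    echo "melapress-login-security $1: not in the affected range"
  fi
}

# Remediation through WP-CLI (assumes the wp binary is on PATH): update the
# plugin, re-check the installed version, and deactivate it if still affected.
remediate() {
  wp --path="$WP_PATH" plugin update melapress-login-security
  v="$(wp --path="$WP_PATH" plugin get melapress-login-security --field=version)"
  if is_vulnerable "$v"; then
    echo "still at $v; deactivating until it can be updated" >&2
    wp --path="$WP_PATH" plugin deactivate melapress-login-security
    return 1
  fi
  echo "melapress-login-security now at $v"
}

verdict "$(installed_version)"
if [ "${1:-}" = "--fix" ] && is_vulnerable "$(installed_version)"; then
  remediate
fi
```

Run it as `WP_PATH=/srv/www/site sh mls-check.sh` for a read-only verdict, or add `--fix` to let it update and, failing that, deactivate the plugin; on a host without WP-CLI, the version check still works because it reads the header file directly.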