CVE-2025-7695
BaseFortify

Publication date: 2025-07-24

Last updated on: 2025-07-25

Assigner: Wordfence

Description
The Dataverse Integration plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization checks within its reset_password_link REST endpoint in versions 2.77 through 2.81. The endpoint’s handler accepts a client-supplied id, email, or login, looks up that user, and calls get_password_reset_key() unconditionally. Because it only checks that the caller is authenticated, and not that they own or may edit the target account, any authenticated attacker, with Subscriber-level access and above, can obtain a password reset link for an administrator and hijack that account.
Meta Information
Published: 2025-07-24
Last Modified: 2025-07-25
Generated: 2026-05-07
AI Q&A: 2025-07-24
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
wordpress dataverse_integration *
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-7695 is a privilege escalation vulnerability in the Dataverse Integration WordPress plugin versions 2.77 through 2.81. The plugin's reset_password_link REST endpoint lacks proper authorization checks, allowing any authenticated user with Subscriber-level access or higher to request a password reset link for any user, including administrators. This happens because the endpoint only verifies that the caller is authenticated but does not verify ownership or editing rights over the target account, enabling attackers to hijack administrator accounts by obtaining their password reset links. [1]


How can this vulnerability impact me?

This vulnerability can allow an authenticated attacker with low-level access (Subscriber or above) to escalate their privileges by obtaining password reset links for administrator accounts. This enables the attacker to hijack administrator accounts, potentially gaining full control over the WordPress site, leading to data breaches, site defacement, or further malicious activities. [1]


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

This vulnerability can negatively impact compliance with standards like GDPR and HIPAA because it allows unauthorized access to administrator accounts, potentially leading to unauthorized access, modification, or disclosure of sensitive personal or protected health information. Such unauthorized access violates data protection and privacy requirements mandated by these regulations.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by checking if your WordPress site is running the Dataverse Integration plugin versions 2.77 through 2.81, which lack proper authorization checks on the reset_password_link REST endpoint. You can verify the plugin version via the WordPress admin dashboard or by running the following command in the WordPress installation directory:

`wp plugin get integration-cds --field=version`

Additionally, monitoring REST API calls to the reset_password_link endpoint for unauthorized access attempts or unusual password reset link generation can help detect exploitation attempts. For example, you can use network monitoring tools or server logs to look for POST requests to the endpoint `/wp-json/integration-cds/v1/reset_password_link` from authenticated users with Subscriber-level access or above. [1, 2]
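
The log review described above, as an added example (not from the original page or the plugin's vendor): a Python scan of web-server access logs for POST requests to the endpoint. It assumes combined log format, the sample lines are constructed, and it also matches WordPress's `?rest_route=` form of the same route.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs, unquote

ROUTE = "/integration-cds/v1/reset_password_link"  # route as given on this page

# Assumed combined log format: ip ident user [time] "METHOD target proto" status ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def rest_route(target):
    """Return the REST route a request target addresses, or None."""
    parts = urlsplit(target)
    # partition() also covers installs in a subdirectory (/blog/wp-json/...).
    _, sep, rest = unquote(parts.path).partition("/wp-json/")
    if sep:
        return ("/" + rest).rstrip("/")
    # WordPress also accepts the route as ?rest_route=... (plain permalinks).
    routes = parse_qs(parts.query).get("rest_route")
    return routes[0].rstrip("/") if routes else None

def find_reset_link_calls(lines):
    """Return (ip, time, status) for every POST to the reset_password_link route."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if m and m["method"] == "POST" and rest_route(m["target"]) == ROUTE:
            hits.append((m["ip"], m["time"], int(m["status"])))
    return hits

def successful_by_client(hits):
    """Count 2xx responses per client; each may have returned a reset link."""
    return Counter(ip for ip, _, status in hits if 200 <= status < 300)

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE = [
    '203.0.113.7 - - [24/Jul/2025:10:01:12 +0000] "POST /wp-json/integration-cds/v1/reset_password_link HTTP/1.1" 200 312 "-" "curl/8.5.0"',
    '203.0.113.7 - - [24/Jul/2025:10:01:15 +0000] "POST /index.php?rest_route=%2Fintegration-cds%2Fv1%2Freset_password_link HTTP/1.1" 200 311 "-" "curl/8.5.0"',
    '198.51.100.20 - - [24/Jul/2025:10:02:40 +0000] "POST /wp-json/integration-cds/v1/reset_password_link/ HTTP/1.1" 403 98 "-" "Mozilla/5.0"',
    '198.51.100.20 - - [24/Jul/2025:10:03:00 +0000] "GET /wp-json/wp/v2/posts HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, n in successful_by_client(find_reset_link_calls(SAMPLE)).most_common():
        print(f"{ip}: {n} successful reset_password_link call(s) to review")
```

An access log of this kind records neither the caller's role nor the account named in the request body, so on an affected version every 2xx hit is a lead to review rather than proof of misuse.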


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability immediately, update the Dataverse Integration plugin to version 2.81.1 or later, which includes security patches that add proper permission checks to the reset_password_link REST endpoint, preventing unauthorized password reset link generation. If updating immediately is not possible, restrict access to the REST API endpoints related to password reset by limiting authenticated user roles that can access them or temporarily disable the plugin until the update can be applied. [2]

