CVE-2025-58201
BaseFortify
Publication date: 2025-08-27
Last updated on: 2026-04-28
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| aftership | aftership_tracking | 1.17.17 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Broken Access Control issue in the AfterShip Tracking WordPress plugin (up to version 1.17.17). It allows unauthenticated users to perform actions that normally require higher privileges because certain plugin functions lack proper authorization, authentication, or nonce token checks. Essentially, users without proper permissions can access or execute functionality they shouldn't be able to. [1]
How can this vulnerability impact me? :
The vulnerability can allow unauthorized users to perform privileged actions within the AfterShip Tracking plugin, potentially leading to unauthorized changes or access to functionality. Although the severity is rated as low (CVSS 5.3), automated attacks targeting such flaws are common. If exploited, it may require professional incident response and server-side malware scanning to remediate. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves identifying unauthorized access attempts to privileged functions in the AfterShip Tracking plugin versions up to 1.17.17. Since the vulnerability allows unauthenticated users to perform restricted actions, monitoring web server logs for unusual or unauthorized API calls or plugin function accesses can help. There are no specific commands provided for detection. Additionally, professional incident response and server-side malware scanning are recommended over plugin-based scanners to detect compromise. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to update the AfterShip Tracking plugin to version 1.17.18 or later, where the vulnerability is fixed. Alternatively, Patchstack offers virtual patching (vPatching) to auto-mitigate this and other vulnerabilities before official patches are applied. It is also advised to perform professional incident response and server-side malware scanning if compromise is suspected. [1]