CVE-2025-58613
BaseFortify
Publication date: 2025-09-03
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| barn2_plugins | posts_table_with_search_and_sort | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Broken Access Control issue in the WordPress plugin "Posts Table with Search & Sort" (versions up to 1.4.10) by Barn2 Plugins. It arises from missing authorization, authentication, or nonce token checks in certain functions, which can allow unauthenticated users to perform actions that should be restricted to higher-privileged users. It is classified under OWASP Top 10 category A1: Broken Access Control and has a low severity with a CVSS score of 5.3. [1]
How can this vulnerability impact me? :
This vulnerability could allow unauthenticated users to perform actions reserved for privileged users, potentially leading to unauthorized access or manipulation of data within the plugin. However, the impact is considered low severity and the vulnerability is unlikely to be widely exploited. Users are advised to update to version 1.4.11 or later to mitigate the risk. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves checking the version of the 'Posts Table with Search & Sort' WordPress plugin installed on your system. If the version is up to and including 1.4.10, it is vulnerable. You can detect the plugin version by running commands such as 'wp plugin list' using WP-CLI or by inspecting the plugin files directly. There are no specific network commands provided to detect exploitation attempts. Monitoring for unauthorized access or actions reserved for higher-privileged users without authentication may also help identify exploitation. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating the 'Posts Table with Search & Sort' plugin to version 1.4.11 or later, where the vulnerability is fixed. Enabling auto-updates for this plugin is also recommended. Additionally, applying virtual patching (vPatch) offered by Patchstack can provide automatic mitigation before official patches are applied. If you suspect compromise, seek professional incident response. [1]