CVE-2025-58809
BaseFortify
Publication date: 2025-09-05
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| patchstack | to_lead_for_salesforce | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-352 | The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-58809 is a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin "To Lead For Salesforce" up to version 2.7.3.9. It allows an attacker to trick authenticated users with higher privileges into performing unwanted actions on the site without their consent. This can lead to unauthorized operations being executed, potentially compromising the security of the site. The vulnerability is also related to Reflected XSS and falls under the OWASP Top 10 category A1: Broken Access Control. [1]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing attackers to perform unauthorized actions on your site by exploiting authenticated users with higher privileges. This could lead to data compromise, unauthorized changes, or other malicious activities depending on the specific use case of the plugin. Since the plugin is abandoned and no official fix is available, the risk remains unless you replace the plugin or apply a virtual patch. Simply deactivating the plugin does not fully mitigate the risk. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this CSRF vulnerability involves identifying if the WordPress 'To Lead For Salesforce' plugin version 2.7.3.9 or earlier is installed and active. Since this vulnerability allows attackers to trick authenticated users into executing unwanted actions, monitoring for unusual or unauthorized requests that perform state-changing operations could help. However, no specific detection commands or tools are provided in the available resources. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing the vulnerable 'To Lead For Salesforce' plugin with an alternative plugin, as the original plugin is abandoned and has no official fix. Simply deactivating the plugin does not fully eliminate the risk unless a virtual patch (vPatch) is applied. Patchstack offers virtual patching solutions that can be used to mitigate this vulnerability in the absence of official updates. [1]