CVE-2025-10648
BaseFortify

Publication date: 2025-10-15

Last updated on: 2026-04-08

Assigner: Wordfence

Description
The YourMembership Single Sign On – YM SSO Login plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'moym_display_test_attributes' function in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated attackers to read the profile data of the latest SSO login.
Meta Information
Published: 2025-10-15
Last Modified: 2026-04-08
Generated: 2026-05-07
AI Q&A: 2025-10-15
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 2 associated CPEs
Vendor | Product | Version / Range
yourmembership | login_with_yourmembership | *
wordpress | wordpress | *
CWE
CWE-862: The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-10648 is a vulnerability in the YourMembership Single Sign On (SSO) Login plugin for WordPress, where a missing capability check on the 'moym_display_test_attributes' function allows unauthenticated attackers to access profile data of the latest SSO login. Essentially, this means that anyone, even without logging in, can read certain user profile information due to insufficient access control in the plugin.


How can this vulnerability impact me?

This vulnerability can lead to unauthorized disclosure of user profile data from the YourMembership SSO plugin on WordPress sites. An attacker could exploit this to read sensitive profile information without authentication, potentially leading to privacy breaches or further targeted attacks against users of the affected site.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

Unauthorized access to user profile data due to this vulnerability could result in non-compliance with data protection regulations such as GDPR or HIPAA, which require safeguarding personal data against unauthorized access. Exposure of personal information without proper authorization may lead to regulatory penalties and damage to organizational reputation.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by checking whether the YourMembership Single Sign On – YM SSO Login plugin for WordPress is installed and running a version up to and including 1.1.7. On the system, you can verify the plugin version in the WordPress plugins directory or admin dashboard. Additionally, monitoring HTTP requests for access to the 'moym_display_test_attributes' function or related GET parameters such as 'option' containing 'moymsso' or 'code' may indicate exploitation attempts. Specific commands to check the plugin version include:

1) On the server, list the plugin directory and check the version in the plugin's main file header or readme.txt, e.g., `grep 'Version' wp-content/plugins/yourmembership-sso-login/yourmembership-sso-login.php`.
2) Use WP-CLI to list plugins and their versions: `wp plugin list | grep yourmembership`.
3) Monitor web server logs for suspicious GET requests containing 'moymsso' or 'code' parameters, e.g., `grep -i 'moymsso' /var/log/apache2/access.log` or `grep -i 'code=' /var/log/apache2/access.log`. [2]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include updating the YourMembership Single Sign On – YM SSO Login plugin to a version later than 1.1.7 where the missing capability check on the 'moym_display_test_attributes' function is fixed. If an update is not available, temporarily disable the plugin to prevent unauthorized access. Additionally, restrict access to the vulnerable function by implementing capability checks or access controls in the plugin code. Monitoring and blocking suspicious requests targeting the 'moym_display_test_attributes' function or related GET parameters can also help reduce risk. [2]

