CVE-2025-11255
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-25

Last updated on: 2025-10-27

Assigner: Wordfence

Description
The Password Policy Manager | Password Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'moppm_ajax' AJAX endpoint in all versions up to, and including, 2.0.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to log out the site's connection to miniorange.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-25
Last Modified
2025-10-27
Generated
2026-06-16
AI Q&A
2025-10-25
EPSS Evaluated
2026-06-15
NVD
CVE-2025-11255
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
wordfence password_policy_manager *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Password Policy Manager | Password Manager plugin for WordPress (up to version 2.0.5) where there is a missing capability check on the 'moppm_ajax' AJAX endpoint. This allows authenticated attackers with Subscriber-level access or higher to perform unauthorized actions, specifically to log out the site's connection to miniorange. Essentially, users with low-level access can manipulate data they should not be able to, due to insufficient permission checks in the plugin's AJAX handling. [2]

Impact Analysis

The impact of this vulnerability is that an attacker with Subscriber-level access or above can forcibly log out the site's connection to miniorange, potentially disrupting authentication or security services relying on that connection. This unauthorized modification could lead to denial of service for legitimate users or administrative disruption, although it does not directly compromise data confidentiality or availability beyond this logout action.

Detection Guidance

This vulnerability can be detected by monitoring AJAX requests to the 'moppm_ajax' endpoint for unauthorized or suspicious activity, especially from users with Subscriber-level access or above. Since the vulnerability involves missing capability checks on this AJAX endpoint, you can inspect web server logs or use tools like curl or wget to simulate requests to this endpoint and observe responses. For example, you might use a command like: curl -X POST -d 'action=moppm_ajax' https://yourwordpresssite.com/wp-admin/admin-ajax.php -H 'Cookie: wordpress_logged_in=...' to test if unauthorized modifications are possible. Additionally, checking for the plugin version (if it is 2.0.5 or below) can help identify vulnerable installations.

Mitigation Strategies

The immediate step to mitigate this vulnerability is to update the Password Policy Manager | Password Manager plugin to version 2.0.6 or later, which includes enhanced nonce verification and capability checks preventing unauthorized access. This update fixes the missing capability check on the 'moppm_ajax' AJAX endpoint and strengthens security by adding proper permission checks and nonce validation. Until the update is applied, restrict access to the AJAX endpoint if possible and monitor for suspicious activity. [2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-11255. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart