CVE-2025-11510
BaseFortify

Publication date: 2025-10-18

Last updated on: 2025-10-21

Assigner: Wordfence

Description
The FileBird – WordPress Media Library Folders & File Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the /filebird/v1/fb-wipe-clear-all-data function in all versions up to, and including, 6.4.9. This makes it possible for authenticated attackers, with author-level access and above, to reset all of the plugin's configuration data.
Meta Information
Generated: 2026-05-07
AI Q&A: 2025-10-18
EPSS Evaluated: 2026-05-05
Source: NVD
Affected Vendors & Products
Showing 1 associated CPE

| Vendor    | Product  | Version / Range |
|-----------|----------|-----------------|
| wordfence | filebird | *               |
| CWE ID  | Description |
|---------|-------------|
| CWE-285 | The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action. |
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in the FileBird WordPress plugin allows authenticated users with author-level access or higher to reset all of the plugin's configuration data without proper authorization. This happens because the plugin's /filebird/v1/fb-wipe-clear-all-data function lacks a capability check, enabling unauthorized modification of data.


How can this vulnerability impact me?

An attacker with author-level access or above can exploit this vulnerability to reset all configuration data of the FileBird plugin. This could disrupt the organization and management of media library folders, potentially causing data loss or requiring reconfiguration, impacting site functionality and user experience.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

You can detect this vulnerability by checking if the /filebird/v1/fb-wipe-clear-all-data endpoint is accessible and can be triggered by users with author-level access or above without proper capability checks. Since the vulnerability involves missing permission checks, you can test by attempting to call this REST API endpoint with an authenticated user having author-level permissions and observe if the plugin's configuration data can be reset. Specific commands would involve using curl or similar tools to send authenticated POST requests to the endpoint. For example:

curl -X POST -H "Authorization: Bearer <token>" https://yourwordpresssite.com/wp-json/filebird/v1/fb-wipe-clear-all-data

If the request succeeds without proper authorization errors, the vulnerability is present.


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include updating the FileBird plugin to a version that includes the fix, which enforces capability checks (manage_options) before allowing data clearance operations. If an update is not immediately available, restrict author-level users from accessing the vulnerable endpoint or disable the plugin temporarily. Additionally, monitor and audit user activities related to the /filebird/v1/fb-wipe-clear-all-data endpoint to detect unauthorized attempts. The fix involves adding permission checks as shown in the changeset that verifies the user has the 'manage_options' capability before allowing data deletion. [2]
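As an added illustration of the missing-capability-check pattern described above (not the FileBird plugin's own code; the handler name and option key are hypothetical, only the namespace and route come from the advisory), this shows the vulnerable registration shape as a comment and the hardened registration that gates the route on manage_options:

```php
<?php
// Added example, not FileBird's code. Handler name and option key are hypothetical.

// Vulnerable shape (shown as a comment, not registered): no permission_callback.
// WordPress 5.5+ emits a _doing_it_wrong notice for this, but still serves the
// route, so any logged-in user who passes the REST nonce check reaches the handler.
//
//   register_rest_route( 'filebird/v1', '/fb-wipe-clear-all-data', array(
//       'methods'  => 'POST',
//       'callback' => 'example_wipe_all_data',
//   ) );

// Hardened shape: the route is only reachable by users holding manage_options
// (administrators on a single-site install). The check runs before the callback.
add_action( 'rest_api_init', function () {
    register_rest_route( 'filebird/v1', '/fb-wipe-clear-all-data', array(
        'methods'             => 'POST',
        'callback'            => 'example_wipe_all_data',
        'permission_callback' => function ( WP_REST_Request $request ) {
            if ( ! current_user_can( 'manage_options' ) ) {
                // 401 for anonymous callers, 403 for authenticated but unprivileged ones.
                return new WP_Error(
                    'rest_forbidden',
                    __( 'You are not allowed to reset plugin data.' ),
                    array( 'status' => rest_authorization_required_code() )
                );
            }
            return true;
        },
    ) );
} );

// Hypothetical handler; the real plugin's reset logic is not shown on the page.
function example_wipe_all_data( WP_REST_Request $request ) {
    delete_option( 'example_plugin_settings' );
    return rest_ensure_response( array( 'reset' => true ) );
}
```

An author-level account calling the hardened route receives a 403 rest_forbidden response and the option is never touched; this is also the response a detection test should expect once the fix is in place.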

