CVE-2025-11816
BaseFortify

Publication date: 2025-11-01

Last updated on: 2025-11-04

Assigner: Wordfence

Description
The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the disconnect_account_request() function in all versions up to, and including, 3.5.1. This makes it possible for unauthenticated attackers to disconnect the site from its API plan.
Meta Information
Generated: 2026-05-07
AI Q&A: 2025-11-01
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 1 associated CPE
Vendor: wordpres
Product: wp_legal_pages
Version / Range: *
CWE ID and Description
CWE-862: The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
AI Powered Q&A
Can you explain this vulnerability to me?

The vulnerability in the WP Legal Pages WordPress plugin (up to version 3.5.1) is due to a missing capability check in the disconnect_account_request() function. This flaw allows unauthenticated attackers to send requests to disconnect the site from its API plan without proper authorization. Essentially, attackers can reset the plugin's activation status and disconnect the site from its SaaS backend via the REST API endpoint that handles account disconnection, bypassing intended permission checks. [2, 3]


How can this vulnerability impact me?

This vulnerability can impact you by allowing unauthorized parties to disconnect your WordPress site from its API plan managed by the WP Legal Pages plugin. This could disrupt the plugin's functionality related to managing legal pages and subscription status, potentially causing loss of service, incorrect plugin state, or interruption in legal compliance features that rely on the SaaS backend integration. [2, 3]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring REST API requests to the WP Legal Pages plugin endpoints, especially POST requests to `/wpl/v2/delete_activation`, the route used to disconnect the site from its API plan. Look for unauthenticated or otherwise unauthorized POST requests to this endpoint, using network monitoring tools or command-line tools such as curl. A sample command to test the endpoint (note that on an unpatched site this request itself performs the disconnection, so use a test installation):

curl -X POST https://yourwordpresssite.com/wp-json/wpl/v2/delete_activation

Additionally, reviewing WordPress logs or web server access logs for suspicious POST requests to this REST API route can help detect exploitation attempts. [2, 3]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include:

1. Update the WP Legal Pages plugin to a version later than 3.5.1 where this vulnerability is fixed.
2. Restrict access to the REST API endpoints related to the plugin by implementing additional authentication or firewall rules.
3. Monitor and block unauthorized POST requests to the `/wpl/v2/delete_activation` endpoint.
4. If updating immediately is not possible, consider disabling the plugin temporarily to prevent exploitation.
5. Review and tighten user capabilities and API secret management to ensure only authorized users can perform sensitive actions.

These steps help prevent unauthorized disconnection of the site from its API plan and protect plugin settings. [2, 3]
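The missing capability check described in the explanation above, and the capability check that step 5 of the mitigation calls for, shown as an added illustration of the CWE-862 pattern in a WordPress REST route. This is schematic code written for this page, not the plugin's source: the route path comes from the advisory, while the `wpl_example_*` function names and the option name are assumptions.

```php
<?php
// Illustrative reconstruction of the CWE-862 pattern in this advisory.
// Not the plugin's code: the route path is from the advisory, all other
// names are assumed for the example.

// Handler that resets the site's activation state (placeholder body).
function wpl_example_disconnect_handler( WP_REST_Request $request ) {
    delete_option( 'wpl_example_api_activation' ); // assumed option name
    return rest_ensure_response( array( 'disconnected' => true ) );
}

// VULNERABLE shape: the permission callback accepts every caller, so an
// unauthenticated POST to /wp-json/wpl/v2/delete_activation runs the
// handler. Omitting permission_callback behaves the same way; WordPress
// 5.5+ only emits a _doing_it_wrong notice and still exposes the route.
function wpl_example_register_vulnerable_route() {
    register_rest_route( 'wpl/v2', '/delete_activation', array(
        'methods'             => WP_REST_Server::CREATABLE, // POST
        'callback'            => 'wpl_example_disconnect_handler',
        'permission_callback' => '__return_true',
    ) );
}

// FIXED shape: require a capability before the handler may run. Cookie
// authenticated callers must also send a valid X-WP-Nonce header, or
// WordPress treats the request as unauthenticated and the check fails.
function wpl_example_disconnect_permission( WP_REST_Request $request ) {
    if ( ! current_user_can( 'manage_options' ) ) {
        return new WP_Error(
            'rest_forbidden',
            __( 'You are not allowed to disconnect this site.', 'wpl-example' ),
            array( 'status' => rest_authorization_required_code() )
        );
    }
    return true;
}

function wpl_example_register_fixed_route() {
    register_rest_route( 'wpl/v2', '/delete_activation', array(
        'methods'             => WP_REST_Server::CREATABLE,
        'callback'            => 'wpl_example_disconnect_handler',
        'permission_callback' => 'wpl_example_disconnect_permission',
    ) );
}

// Only the fixed route is hooked in; the vulnerable one is kept for contrast.
add_action( 'rest_api_init', 'wpl_example_register_fixed_route' );
```

With the fixed registration, an unauthenticated POST to the route receives a 401 (or 403 for a logged-in user without `manage_options`) before the handler runs, which is also the response to expect when verifying that an update closed the gap.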

