CVE-2025-13528
BaseFortify
Publication date: 2025-12-05
Last updated on: 2025-12-08
Assigner: Wordfence
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wordpress | feedback_modal_for_website | 1.0.1 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Feedback Modal for Website plugin for WordPress, where a missing capability check in the 'handle_export' function allows unauthenticated attackers to export all feedback data in CSV or JSON format using the 'export_data' parameter. This means anyone can access and download feedback data without proper authorization.
How can this vulnerability impact me?
The vulnerability can lead to unauthorized disclosure of feedback data, potentially exposing sensitive or private information collected through the plugin. Since attackers can export all feedback data without authentication, this could result in data breaches and loss of user trust.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This vulnerability allows unauthenticated attackers to export all feedback data in CSV or JSON format without any capability checks, potentially exposing personal or sensitive information collected via the plugin. Such unauthorized data access and export could lead to non-compliance with data protection regulations like GDPR and HIPAA, which require strict controls over personal data access and processing. Therefore, this vulnerability poses a risk to compliance with these standards by enabling unauthorized data disclosure. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by checking if your WordPress site has the Feedback Modal for Website plugin installed with version 1.0.1 or earlier. To confirm exploitation attempts, monitor HTTP requests to the WordPress site for unauthenticated access attempts using the `export_data` parameter, which triggers data export. For example, you can use network monitoring tools or web server logs to search for requests like `GET /wp-admin/admin.php?page=feedback_modal&export_data=1`. Using command-line tools, you can grep your web server access logs for the `export_data` parameter: `grep 'export_data' /var/log/apache2/access.log` or `grep 'export_data' /var/log/nginx/access.log`. Additionally, you can use curl to test if the export endpoint is accessible without authentication: `curl -v 'https://yourwordpresssite.com/wp-admin/admin.php?page=feedback_modal&export_data=1'`. If the data is returned without authentication, the vulnerability is present and potentially being exploited. [1, 2]
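A plain `grep 'export_data'` also matches the string anywhere in a request (search terms, referrers, user agents). The script below is an added example, not code from BaseFortify or from the plugin: it parses combined-format access-log lines, flags only requests whose query string actually carries `export_data` as a parameter, and summarizes per source IP the ones that returned a 200 with a non-empty body, which is the disclosure case worth triaging. The log lines are constructed, and the request path follows the example URL in the answer above; the real endpoint shape is not confirmed here, so adjust the parsing if your plugin routes exports differently.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (Apache/nginx combined log format).
# IPs are documentation ranges; none of this is real traffic.
SAMPLE_LOG = """\
203.0.113.10 - - [05/Dec/2025:10:00:01 +0000] "GET /wp-admin/admin.php?page=feedback_modal&export_data=1 HTTP/1.1" 200 48213 "-" "curl/8.5.0"
203.0.113.10 - - [05/Dec/2025:10:00:03 +0000] "GET /wp-admin/admin.php?page=feedback_modal&export_data=json HTTP/1.1" 200 61044 "-" "curl/8.5.0"
198.51.100.7 - - [05/Dec/2025:10:02:15 +0000] "GET /wp-admin/admin.php?page=feedback_modal HTTP/1.1" 200 9120 "-" "Mozilla/5.0"
198.51.100.7 - - [05/Dec/2025:10:02:40 +0000] "GET /?s=export_data HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
192.0.2.55 - - [05/Dec/2025:10:05:00 +0000] "POST /wp-admin/admin.php?page=feedback_modal&export_data=csv HTTP/1.1" 302 0 "-" "python-requests/2.31"
"""

# Combined log format: ip ident user [timestamp] "METHOD target PROTO" status size "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "[^"]*" "(?P<ua>[^"]*)"'
)


def parse_line(line):
    """Return a dict of the log fields, or None if the line is not combined format."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    rec["size"] = 0 if rec["size"] == "-" else int(rec["size"])
    return rec


def is_export_request(target, param="export_data"):
    """True only when `param` is a real query-string key, not a substring elsewhere."""
    query = urlsplit(target).query
    return param in parse_qs(query, keep_blank_values=True)


def find_export_requests(log_text):
    """All parsed records whose request target carries the export_data parameter."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and is_export_request(rec["target"]):
            hits.append(rec)
    return hits


def summarize(hits):
    """Per-IP count of export requests that returned 200 with a body (likely data disclosure)."""
    counts = Counter()
    for h in hits:
        if h["status"] == 200 and h["size"] > 0:
            counts[h["ip"]] += 1
    return dict(counts)


if __name__ == "__main__":
    hits = find_export_requests(SAMPLE_LOG)
    for h in hits:
        print(f'{h["ts"]} {h["ip"]} {h["method"]} {h["target"]} -> {h["status"]} ({h["size"]} bytes) {h["ua"]}')
    print("successful exports per IP:", summarize(SAMPLE_LOG and hits))
```

Feed it a real file with `find_export_requests(open("/var/log/nginx/access.log").read())`. Because the check goes through `parse_qs`, the `/?s=export_data` search request is ignored while the three genuine `export_data` requests are flagged; only the two 200 responses with a body from the first IP count as probable disclosures, and the 302 with an empty body is listed but not counted.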
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include:

1. Update the Feedback Modal for Website plugin to a version later than 1.0.1 where the missing capability check on the `handle_export` function is fixed.
2. If an update is not immediately available, restrict access to the plugin's export functionality by limiting access to the WordPress admin area via IP whitelisting or other access controls.
3. Temporarily disable or deactivate the Feedback Modal for Website plugin until a patch is applied.
4. Review user roles and capabilities to ensure that only trusted administrators have access to feedback data.
5. Monitor your logs for any unauthorized export attempts and respond accordingly.

These steps help prevent unauthenticated attackers from exporting feedback data via the vulnerable `export_data` parameter. [1, 2]