CVE-2025-14065
Unauthorized Data Access in Simple Bike Rental WordPress Plugin
Publication date: 2025-12-12
Last updated on: 2026-04-08
Assigner: Wordfence
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wordpress | simple_bike_rental | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by checking if your WordPress site is running the Simple Bike Rental plugin version 1.0.6 or earlier. Specifically, monitor AJAX requests to the 'simpbire_carica_prenotazioni' endpoint. If authenticated users with Subscriber-level access or above can successfully call this AJAX action and retrieve booking data, the vulnerability is present. To detect such unauthorized access, you can use network monitoring tools or web server logs to look for POST or GET requests to 'wp-admin/admin-ajax.php' with the action parameter set to 'simpbire_carica_prenotazioni'. Example command using grep on server logs: grep 'action=simpbire_carica_prenotazioni' /path/to/access.log. Additionally, you can test via curl by simulating an authenticated user request to this AJAX endpoint and checking if booking data is returned without proper capability checks. Note that the vulnerability is fixed in version 1.0.7 by adding capability and nonce checks. [1, 3]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade the Simple Bike Rental plugin to version 1.0.7 or later, where the vulnerability is fixed by adding proper capability checks (requiring 'manage_options') and nonce verification on the 'simpbire_carica_prenotazioni' AJAX endpoint. If upgrading immediately is not possible, restrict access to the AJAX endpoint by limiting user roles that can access it, or disable the plugin temporarily. Also, monitor and audit access logs for suspicious AJAX requests to this endpoint. Applying these steps will prevent unauthorized users from accessing sensitive booking data containing customers' personally identifiable information. [3]
Can you explain this vulnerability to me?
The vulnerability in the Simple Bike Rental plugin for WordPress allows authenticated users with Subscriber-level access or higher to access booking records without proper authorization. This happens because the plugin lacks a capability check on the 'simpbire_carica_prenotazioni' AJAX action, enabling these users to retrieve customers' personally identifiable information (PII) such as names, email addresses, and phone numbers.
How can this vulnerability impact me? :
This vulnerability can lead to unauthorized disclosure of customers' personally identifiable information (PII), including names, email addresses, and phone numbers. Attackers with low-level access can exploit this to access sensitive data, potentially leading to privacy breaches, identity theft, or targeted phishing attacks.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability can negatively impact compliance with data protection regulations such as GDPR and HIPAA because it allows unauthorized access to personally identifiable information (PII). Such unauthorized disclosure of sensitive customer data may constitute a violation of these regulations' requirements for protecting personal data and could result in legal and financial consequences.