CVE-2025-68007
BaseFortify
Publication date: 2026-01-22
Last updated on: 2026-04-27
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| event_espresso | event_espresso_decaf | to 5.0.37.decaf (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-68007 is a medium severity vulnerability in the WordPress Event Espresso 4 Decaf Plugin (up to version 5.0.37.decaf) that involves missing authorization due to broken access control. This flaw allows unauthorized, unauthenticated users to change plugin settings without proper authentication, which is classified as a 'Settings Change' vulnerability related to OWASP Top 10 A1. [1]
How can this vulnerability impact me? :
This vulnerability can allow attackers with no privileges to modify the plugin settings, potentially leading to unauthorized changes in the event management system. Such unauthorized changes could disrupt event operations, compromise site integrity, or open further security risks. Since the vulnerability is moderately dangerous and expected to be exploited, it poses a significant risk to affected sites until mitigated. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection can be done by monitoring for unauthorized attempts to change Event Espresso 4 Decaf plugin settings without authentication. Patchstack provides a mitigation rule that can help identify and block exploitation attempts. Specific commands are not provided in the resources, but implementing Patchstack's mitigation rules and monitoring web server logs for suspicious POST requests to the plugin's settings endpoints is recommended. [1]
What immediate steps should I take to mitigate this vulnerability?
Apply Patchstack's mitigation rule immediately to block exploitation attempts until an official patch is released. Since no official fix is available as of the publication date, using this mitigation is the best immediate protection. Additionally, monitor your site for unauthorized changes to plugin settings and restrict access to the plugin's administrative interfaces where possible. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided resources do not specify how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.