CVE-2025-69187
BaseFortify
Publication date: 2026-01-22
Last updated on: 2026-01-27
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| patchstack | final_user | to 1.2.5 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-69187 is a Broken Access Control vulnerability in the WordPress Final User Plugin (versions up to 1.2.5). It occurs due to missing authorization, authentication, or nonce token checks in certain plugin functions, allowing unauthenticated users to perform actions that should be restricted to higher-privileged users. This means attackers can exploit the plugin to bypass security controls without logging in. [1]
How can this vulnerability impact me? :
This vulnerability can have a significant impact by allowing unauthorized users to perform privileged actions on your WordPress site, potentially leading to data breaches, unauthorized changes, or other malicious activities. Since no authentication is required, the risk of exploitation is high, and it can compromise the security and integrity of your website. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The provided resources do not include specific commands or methods to detect this vulnerability on your network or system.
What immediate steps should I take to mitigate this vulnerability?
Since no official patch or fixed version is available, you should immediately apply the mitigation rule released by Patchstack to block attacks exploiting this vulnerability. Additionally, consider using Patchstack's automated vulnerability mitigation services to protect your WordPress site until an official fix is released. [1]