{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-0796", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-01-28T14:40:20.184Z", "datePublished": "2025-02-18T04:21:13.763Z", "dateUpdated": "2026-04-08T16:45:09.347Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:45:09.347Z"}, "affected": [{"vendor": "kevin-brent", "product": "WPrequal", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "8.2.11", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Mortgage Lead Capture System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.2.11. This is due to missing or incorrect nonce validation on the 'wprequal_reset_defaults' action. This makes it possible for unauthenticated attackers to reset the plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "title": "Mortgage Lead Capture System <= 8.2.11 - Cross-Site Request Forgery to Settings Reset", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/316b807c-06ca-4448-acb9-80766a07258a?source=cve"}, {"url": "https://wordpress.org/plugins/wprequal/"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3258073%40wprequal%2Ftrunk&old=3257371%40wprequal%2Ftrunk&sfp_email=&sfph_mail="}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "cweId": "CWE-352", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Dhabaleshwar Das"}], "timeline": [{"time": "2025-02-17T15:45:09.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-18T15:16:57.183396Z", "id": "CVE-2025-0796", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-18T15:17:09.681Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-0796", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-02-18T15:16:57.183396Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-18T15:16:54.308Z"}}], "cna": {"title": "Mortgage Lead Capture System <= 8.2.11 - Cross-Site Request Forgery to Settings Reset", "credits": [{"lang": "en", "type": "finder", "value": "Dhabaleshwar Das"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "kevin-brent", "product": "WPrequal", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "8.2.11"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-02-17T15:45:09.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/316b807c-06ca-4448-acb9-80766a07258a?source=cve"}, {"url": "https://wordpress.org/plugins/wprequal/"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3258073%40wprequal%2Ftrunk&old=3257371%40wprequal%2Ftrunk&sfp_email=&sfph_mail="}], "descriptions": [{"lang": "en", "value": "The Mortgage Lead Capture System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.2.11. This is due to missing or incorrect nonce validation on the 'wprequal_reset_defaults' action. This makes it possible for unauthenticated attackers to reset the plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-352", "description": "CWE-352 Cross-Site Request Forgery (CSRF)"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:45:09.347Z"}}}, "cveMetadata": {"cveId": "CVE-2025-0796", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:45:09.347Z", "dateReserved": "2025-01-28T14:40:20.184Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-02-18T04:21:13.763Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:kevinbrent:wprequal:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "5F4B37F0-3537-439C-8821-BDD4F8806B01", "versionEndIncluding": "8.2.10", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Mortgage Lead Capture System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.2.11. This is due to missing or incorrect nonce validation on the 'wprequal_reset_defaults' action. This makes it possible for unauthenticated attackers to reset the plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}, {"lang": "es", "value": "El complemento Mortgage Lead Capture System para WordPress es vulnerable a Cross-Site Request Forgery en todas las versiones hasta 8.2.10 incluida. Esto se debe a la validaci\u00f3n de Nonce faltante o incorrecta en la acci\u00f3n 'wprequal_reset_defaults'. Esto hace posible que los atacantes no autenticados restablezcan la configuraci\u00f3n del complemento a trav\u00e9s de una solicitud falsificada otorgada que pueden enga\u00f1ar a un administrador del sitio para que realice una acci\u00f3n, como hacer clic en un enlace."}], "id": "CVE-2025-0796", "lastModified": "2026-04-08T17:19:53.897", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-02-18T05:15:19.597", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3258073%40wprequal%2Ftrunk&old=3257371%40wprequal%2Ftrunk&sfp_email=&sfph_mail="}, {"source": "security@wordfence.com", "tags": ["Product"], "url": "https://wordpress.org/plugins/wprequal/"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/316b807c-06ca-4448-acb9-80766a07258a?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-28T03:39:45.461334+00:00", "value": {"mitigation_remediation": ["Apply the latest version of the WPrequal plugin (8.2.12 or later) that includes the proper nonce validation.", "Ensure all WordPress installations and plugins are kept current and verify the plugin\u2019s changelog for the nonce fix.", "As a temporary measure, restrict the wprequal_reset_defaults endpoint to allow only administrators and consider disabling the action or using a security plugin to block CSRF attempts until the patch is applied."], "summary": {"action": "Patch", "impact": "Unauthorized Settings Reset via CSRF"}, "threat_synthesis": {"affected_systems": "All WPrequal installations by Kevin\u2011Brent running WordPress plugin version 8.2.11 or earlier are vulnerable. Versions newer than 8.2.11 include the necessary nonce check and are not affected.", "description_and_impact": "Missing or incorrect nonce validation for the wprequal_reset_defaults action in the WPrequal plugin for WordPress creates a CSRF flaw that lets an unauthenticated attacker trick an administrator into resetting the plugin\u2019s settings to defaults. This disrupts loan\u2011capture operations and can expose sensitive configuration data. The weakness is identified as CWE\u2011352.", "risk_and_exploitability": "The CVSS score of 4.3 marks the issue as moderate severity, and the EPSS score of below 1% suggests a low likelihood of exploitation. The vulnerability is not listed in the CISA KEV catalog. Nonetheless, an attacker can send a crafted link to an administrator, causing the settings to be reset and potentially leading to operational disruption. The risk is moderate but should not be ignored in critical loan\u2011processing environments."}}}}, "created": "2026-04-28T03:45:20.281612+00:00", "updated": "2026-04-28T03:45:20.281623+00:00", "vendors": []}