{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-10303", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-09-11T21:35:10.838Z", "datePublished": "2025-10-15T08:25:58.588Z", "dateUpdated": "2026-04-08T17:11:44.959Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:11:44.959Z"}, "affected": [{"vendor": "owthub", "product": "Library Management System", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Library Management System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the owt7_library_management_ajax_handler() function in all versions up to, and including, 3.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update and manipulate several of the plugin's settings and features."}], "title": "Library Management System <= 3.1 - Missing Authorization to Authenticated (Subscriber+) Settings Manipulation", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9e45feb6-5ffa-4ad3-9549-4414988f040e?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/library-management-system/trunk/admin/class-library-management-system-admin.php#L831"}, {"url": "https://plugins.trac.wordpress.org/changeset/3382258"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization", "cweId": "CWE-862", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Jonas Benjamin Friedli"}], "timeline": [{"time": "2025-10-14T19:59:53.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-10-15T14:16:41.491775Z", "id": "CVE-2025-10303", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-15T14:23:15.919Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-10303", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-15T14:16:41.491775Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-15T14:17:14.556Z"}}], "cna": {"title": "Library Management System <= 3.1 - Missing Authorization to Authenticated (Subscriber+) Settings Manipulation", "credits": [{"lang": "en", "type": "finder", "value": "Jonas Benjamin Friedli"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "owthub", "product": "Library Management System", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "3.1"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-10-14T19:59:53.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9e45feb6-5ffa-4ad3-9549-4414988f040e?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/library-management-system/trunk/admin/class-library-management-system-admin.php#L831"}, {"url": "https://plugins.trac.wordpress.org/changeset/3382258"}], "descriptions": [{"lang": "en", "value": "The Library Management System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the owt7_library_management_ajax_handler() function in all versions up to, and including, 3.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update and manipulate several of the plugin's settings and features."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:11:44.959Z"}}}, "cveMetadata": {"cveId": "CVE-2025-10303", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:11:44.959Z", "dateReserved": "2025-09-11T21:35:10.838Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-10-15T08:25:58.588Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Library Management System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the owt7_library_management_ajax_handler() function in all versions up to, and including, 3.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update and manipulate several of the plugin's settings and features."}], "id": "CVE-2025-10303", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-10-15T09:15:39.780", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/library-management-system/trunk/admin/class-library-management-system-admin.php#L831"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3382258"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9e45feb6-5ffa-4ad3-9549-4414988f040e?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T16:48:59.534944+00:00", "value": {"mitigation_remediation": ["Upgrade Library Management System to the latest release that includes a capability check for the AJAX handler.", "Revoke Subscriber role from users who do not require access to the plugin\u2019s administrative features.", "If an upgrade cannot be performed immediately, remove the owt7_library_management_ajax_handler action from the AJAX action list or add a proper capability check before allowing any setting changes."], "summary": {"action": "Apply Update", "impact": "Unauthorized Modification of Plugin Settings by Authenticated Users"}, "threat_synthesis": {"affected_systems": "The vulnerability is limited to the Library Management System plugin developed by owthub for WordPress. All versions through 3.1 are affected because the missing privilege guard exists in every build up to that point.", "description_and_impact": "The Library Management System plugin for WordPress contains a missing capability check within the owt7_library_management_ajax_handler() function in all releases up to and including version\u00a03.1. As described in the CVE, this flaw permits an authenticated user with at least Subscriber privileges to invoke the AJAX endpoint and modify any of the plugin\u2019s configuration values and feature toggles without proper authorization. No additional privileges or network conditions are specified in the vendor material.", "risk_and_exploitability": "The CVSS score of 4.3 reflects a moderate severity level. The EPSS score is beneath 1%, indicating limited exploitation evidence. The issue is not present in the CISA KEV catalog. Attackers must be authenticated and hold at least Subscriber rights; the description states this requirement, so the attack vector is considered authenticated access. Once the credentials are available, the attacker can alter plugin settings directly via the vulnerable AJAX handler."}}}}, "created": "2025-10-21T09:41:13.845859+00:00", "updated": "2026-04-22T17:00:12.308307+00:00", "vendors": ["owthub", "owthub$PRODUCT$library_management_system", "wordpress", "wordpress$PRODUCT$wordpress"]}