{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-10902", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-09-23T23:43:02.828Z", "datePublished": "2025-10-24T08:24:02.973Z", "dateUpdated": "2026-04-08T17:03:39.086Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:03:39.086Z"}, "affected": [{"vendor": "originalityai", "product": "Originality.ai AI Checker", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.0.15", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Originality.ai AI Checker plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'ai_scan_result_remove' function in all versions up to, and including, 1.0.15. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete all data in the wp_originalityai_log database table, which can include post titles, scan scores, credits used, and other data."}], "title": "Originality.ai AI Checker <= 1.0.15 - Missing Authorization to Authenticated (Subscriber+) Scan Log Deletion via ' ai_scan_result_remove'", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/80dd4f6a-20dd-4532-913b-ab08f89db836?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/originality-ai/trunk/OriginalityAI.php#L532"}, {"url": "https://plugins.trac.wordpress.org/changeset/3371428"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-285 Improper Authorization", "cweId": "CWE-285", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Jonas Benjamin Friedli"}], "timeline": [{"time": "2025-10-23T19:37:41.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-10-24T12:10:44.216020Z", "id": "CVE-2025-10902", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-24T12:30:30.233Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-10902", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-24T12:10:44.216020Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-24T12:10:44.981Z"}}], "cna": {"title": "Originality.ai AI Checker <= 1.0.15 - Missing Authorization to Authenticated (Subscriber+) Scan Log Deletion via ' ai_scan_result_remove'", "credits": [{"lang": "en", "type": "finder", "value": "Jonas Benjamin Friedli"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "originalityai", "product": "Originality.ai AI Checker", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.0.15"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-10-23T19:37:41.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/80dd4f6a-20dd-4532-913b-ab08f89db836?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/originality-ai/trunk/OriginalityAI.php#L532"}, {"url": "https://plugins.trac.wordpress.org/changeset/3371428"}], "descriptions": [{"lang": "en", "value": "The Originality.ai AI Checker plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'ai_scan_result_remove' function in all versions up to, and including, 1.0.15. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete all data in the wp_originalityai_log database table, which can include post titles, scan scores, credits used, and other data."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-285", "description": "CWE-285 Improper Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:03:39.086Z"}}}, "cveMetadata": {"cveId": "CVE-2025-10902", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:03:39.086Z", "dateReserved": "2025-09-23T23:43:02.828Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-10-24T08:24:02.973Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Originality.ai AI Checker plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'ai_scan_result_remove' function in all versions up to, and including, 1.0.15. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete all data in the wp_originalityai_log database table, which can include post titles, scan scores, credits used, and other data."}], "id": "CVE-2025-10902", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-10-24T09:15:42.080", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/originality-ai/trunk/OriginalityAI.php#L532"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3371428"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/80dd4f6a-20dd-4532-913b-ab08f89db836?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-285"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T14:02:56.914270+00:00", "value": {"mitigation_remediation": ["Upgrade the Originality.ai AI Checker plugin to version 1.0.16 or later, which restores proper capability checks for the deletion function.", "Use a role\u2011management plugin (e.g., User Role Editor) to remove the ability for Subscriber roles to access the 'ai_scan_result_remove' endpoint until a patch is applied.", "Back up the wp_originalityai_log table immediately to preserve audit data before modifying user roles or the plugin."], "summary": {"action": "Immediate Patch", "impact": "Data Loss"}, "threat_synthesis": {"affected_systems": "All installations of the Originality.ai AI Checker plugin through version 1.0.15 are affected. The plugin is distributed under the originalityai:Originality.ai AI Checker CNA and is a WordPress plugin that adds AI\u2011based content originality checking. Users should verify which version they are running and consider upgrading to version 1.0.16 or newer.", "description_and_impact": "The Originality.ai AI Checker plugin for WordPress contains a missing authorization check in its 'ai_scan_result_remove' function. Because the plugin fails to verify user capabilities, any authenticated user with Subscriber-level access or higher can call this function and delete all entries in the wp_originalityai_log table. This table holds post titles, scan scores, credit usage, and related metadata, so deletions result in irreversible loss of valuable audit and content data. The vulnerability is a classic privilege\u2011escalation/authorization flaw (CWE\u2011285) that affects confidentiality of audit information and the integrity of system logs.", "risk_and_exploitability": "Although the CVSS score is 4.3, the vulnerability can be exploited by any logged\u2011in user with Subscriber roles, a common level of access in many sites. The EPSS score is less than 1\u202f%, indicating a low publicly observed exploitation probability, and the issue is not listed in CISA\u2019s KEV catalog. Nonetheless, because delete operations cannot be recovered except via backups, the impact on the affected systems is significant. The attack vector is straightforward: a user who can authenticate to the WordPress admin area can invoke the deletion endpoint directly, assuming no additional protective filters are in place."}}}}, "created": "2025-10-27T22:13:16.605362+00:00", "updated": "2026-04-22T14:15:20.396713+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}