{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-12095", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-10-22T19:29:09.264Z", "datePublished": "2025-10-25T05:31:23.467Z", "dateUpdated": "2026-04-08T17:11:24.770Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:11:24.770Z"}, "affected": [{"vendor": "astoundify", "product": "Simple Registration for WooCommerce", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.5.8", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Simple Registration for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.8. This is due to missing nonce validation on the role requests admin page handler in the includes/display-role-admin.php file. This makes it possible for unauthenticated attackers to approve pending role requests and escalate user privileges via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "title": "Simple Registration for WooCommerce <= 1.5.8 - Cross-Site Request Forgery to Privilege Escalation via Role Request Approval", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9c32fcaf-afc3-4493-8cd8-6f49bbe40c7b?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/woocommerce-simple-registration/tags/1.5.8/includes/display-role-admin.php#L132"}, {"url": "https://plugins.trac.wordpress.org/changeset/3383124"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "cweId": "CWE-352", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH"}}], "credits": [{"lang": "en", "type": "finder", "value": "Jonas Benjamin Friedli"}], "timeline": [{"time": "2025-10-23T06:40:38.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-10-24T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-10-27T15:55:19.336112Z", "id": "CVE-2025-12095", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-27T15:55:27.834Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-12095", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-27T15:55:19.336112Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-27T15:55:24.687Z"}}], "cna": {"title": "Simple Registration for WooCommerce <= 1.5.8 - Cross-Site Request Forgery to Privilege Escalation via Role Request Approval", "credits": [{"lang": "en", "type": "finder", "value": "Jonas Benjamin Friedli"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}}], "affected": [{"vendor": "astoundify", "product": "Simple Registration for WooCommerce", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "1.5.8"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-10-23T06:40:38.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-10-24T00:00:00.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9c32fcaf-afc3-4493-8cd8-6f49bbe40c7b?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/woocommerce-simple-registration/tags/1.5.8/includes/display-role-admin.php#L132"}, {"url": "https://plugins.trac.wordpress.org/changeset/3383124"}], "descriptions": [{"lang": "en", "value": "The Simple Registration for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.8. This is due to missing nonce validation on the role requests admin page handler in the includes/display-role-admin.php file. This makes it possible for unauthenticated attackers to approve pending role requests and escalate user privileges via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-352", "description": "CWE-352 Cross-Site Request Forgery (CSRF)"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2025-10-25T05:31:23.467Z"}}}, "cveMetadata": {"cveId": "CVE-2025-12095", "state": "PUBLISHED", "dateUpdated": "2025-10-27T15:55:27.834Z", "dateReserved": "2025-10-22T19:29:09.264Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-10-25T05:31:23.467Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Simple Registration for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.8. This is due to missing nonce validation on the role requests admin page handler in the includes/display-role-admin.php file. This makes it possible for unauthenticated attackers to approve pending role requests and escalate user privileges via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "id": "CVE-2025-12095", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-10-25T06:15:36.097", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/woocommerce-simple-registration/tags/1.5.8/includes/display-role-admin.php#L132"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3383124"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9c32fcaf-afc3-4493-8cd8-6f49bbe40c7b?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T12:07:13.507842+00:00", "value": {"mitigation_remediation": ["Update Simple Registration for WooCommerce to the latest version to eliminate the CSRF flaw", "If an immediate update is not feasible, block or restrict access to the admin role\u2011request approval page to prevent forged requests from reaching the handler", "Enhance administrator authentication, enforce two\u2011factor authentication, and monitor account role changes for suspicious activity"], "summary": {"action": "Apply Patch", "impact": "Privilege Escalation via Cross\u2011Site Request Forgery in WooCommerce plugin"}, "threat_synthesis": {"affected_systems": "All deployments of the Astoundify Simple Registration for WooCommerce plugin, versions 1.5.8 and earlier, are impacted. No version information indicating a fixed release was provided in the current CVE data, so the advisory should assume any installation at or below 1.5.8 is vulnerable until the plugin is updated.", "description_and_impact": "The Simple Registration for WooCommerce plugin contains a missing nonce check on the role\u2011request approval page, allowing an unauthenticated attacker to submit a forged request that grants administrative privileges to a pending user. This flaw directly equates to a privilege escalation vulnerability, categorized as CWE\u2011352. The attacker can exploit the issue by luring an administrator into visiting a crafted URL or link, which the admin\u2019s browser would automatically include the necessary cookies, thereby approving the role request and elevating the user\u2019s access level.", "risk_and_exploitability": "With a CVSS score of 8.8 the flaw is considered high severity, yet the EPSS score of less than 1% suggests that, as of the last assessment, actual exploitation is unlikely. The vulnerability is not listed in CISA\u2019s KEV catalog. Attack prerequisites include an unauthenticated attacker who can persuade or force an administrator to open a crafted page; no network\u2011level or privileged access is required beyond this social engineering step. The risk to confidentiality and integrity is significant, as compromised accounts could modify site content, posts, or administrative settings."}}}}, "created": "2025-10-27T22:10:21.725084+00:00", "updated": "2026-04-22T12:15:16.047359+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}