{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-12350", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-10-27T14:43:52.066Z", "datePublished": "2025-11-04T04:27:14.553Z", "dateUpdated": "2026-04-08T16:40:26.185Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:40:26.185Z"}, "affected": [{"vendor": "domiinodev", "product": "DominoKit", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.1.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The DominoKit plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wp_ajax_nopriv_dominokit_option_admin_action AJAX endpoint in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to update plugin settings."}], "title": "DominoKit <= 1.1.0 - Missing Authorization to Unauthenticated Settings Update", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1c8de019-4ec1-49fd-9b0b-c2b1b6908ba8?source=cve"}, {"url": "https://wordpress.org/plugins/dominokit/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization", "cweId": "CWE-862", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Abhirup Konwar"}], "timeline": [{"time": "2025-11-03T15:31:29.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-11-04T20:59:22.196856Z", "id": "CVE-2025-12350", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-04T20:59:31.623Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-12350", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-11-04T20:59:22.196856Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-04T20:59:26.702Z"}}], "cna": {"title": "DominoKit <= 1.1.0 - Missing Authorization to Unauthenticated Settings Update", "credits": [{"lang": "en", "type": "finder", "value": "Abhirup Konwar"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "domiinodev", "product": "DominoKit", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.1.0"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-11-03T15:31:29.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1c8de019-4ec1-49fd-9b0b-c2b1b6908ba8?source=cve"}, {"url": "https://wordpress.org/plugins/dominokit/"}], "descriptions": [{"lang": "en", "value": "The DominoKit plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wp_ajax_nopriv_dominokit_option_admin_action AJAX endpoint in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to update plugin settings."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:40:26.185Z"}}}, "cveMetadata": {"cveId": "CVE-2025-12350", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:40:26.185Z", "dateReserved": "2025-10-27T14:43:52.066Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-11-04T04:27:14.553Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The DominoKit plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wp_ajax_nopriv_dominokit_option_admin_action AJAX endpoint in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to update plugin settings."}], "id": "CVE-2025-12350", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-11-04T05:16:11.190", "references": [{"source": "security@wordfence.com", "url": "https://wordpress.org/plugins/dominokit/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1c8de019-4ec1-49fd-9b0b-c2b1b6908ba8?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-27T22:59:39.290701+00:00", "value": {"mitigation_remediation": ["Check for and install any available updates for DominoKit from the vendor\u2019s website.", "If no update is available, disable the wp_ajax_nopriv_dominokit_option_admin_action endpoint by removing or disabling the affected function, or by deactivating the plugin entirely if it is not required.", "Implement a capability check such as current_user_can('manage_options') before processing the wp_ajax_nopriv_dominokit_option_admin_action request to ensure only authorized users can modify settings."], "summary": {"action": "Patch Plugin", "impact": "Unauthorized Settings Modification"}, "threat_synthesis": {"affected_systems": "All installations of DominoKit plugin version 1.1.0 or earlier on WordPress sites are affected. The flaw exists in the plugin\u2019s AJAX handling code and is not mitigated by WordPress\u2019s core security features. Sites that deploy DominoKit and have not updated past 1.1.0 are therefore exposed.", "description_and_impact": "The DominoKit WordPress plugin contains a missing capability check on its wp_ajax_nopriv_dominokit_option_admin_action AJAX endpoint. This flaw allows attackers who are not logged in to submit requests that change the plugin\u2019s configuration values. The vulnerability is a classic example of CWE\u2011862, whereby bypassing an authorization check grants unauthenticated users the ability to modify protected data. Such unauthorized changes could be leveraged to alter site behavior, disable security features, or create a foothold for more sophisticated attacks.", "risk_and_exploitability": "The CVSS score for the issue is 5.3, indicating moderate severity. The EPSS score is less than 1%, suggesting a very low exploitation probability in the current threat landscape. This vulnerability is not listed in the CISA KEV catalog. The attack vector is unauthenticated via an exposed AJAX endpoint; an attacker only needs to craft a request to the endpoint to modify settings. Because the flaw allows change of configuration values, it can be used in concert with other weaknesses to widen the attack surface or facilitate further compromise."}}}}, "created": "2025-11-04T16:33:01.219985+00:00", "updated": "2026-04-27T23:00:14.006635+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}