{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-12582", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-10-31T21:37:45.321Z", "datePublished": "2025-11-05T02:25:52.638Z", "dateUpdated": "2026-04-08T16:50:43.664Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:50:43.664Z"}, "affected": [{"vendor": "klicher", "product": "Features", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "0.0.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Features plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'features_revert_option AJAX endpoint in all versions up to, and including, 0.0.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to revert options."}], "title": "Features <= 0.0.2 - Missing Authorization to Authenticated (Subscriber+) Option Reset", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4a6efab8-04a0-459f-a791-9360c83e5dbe?source=cve"}, {"url": "https://wordpress.org/plugins/features/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization", "cweId": "CWE-862", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Nabil Irawan"}], "timeline": [{"time": "2025-11-04T14:25:42.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-11-05T18:57:12.219568Z", "id": "CVE-2025-12582", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-05T18:57:22.260Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-12582", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-11-05T18:57:12.219568Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-05T18:57:16.231Z"}}], "cna": {"title": "Features <= 0.0.2 - Missing Authorization to Authenticated (Subscriber+) Option Reset", "credits": [{"lang": "en", "type": "finder", "value": "Nabil Irawan"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "klicher", "product": "Features", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "0.0.2"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-11-04T14:25:42.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4a6efab8-04a0-459f-a791-9360c83e5dbe?source=cve"}, {"url": "https://wordpress.org/plugins/features/"}], "descriptions": [{"lang": "en", "value": "The Features plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'features_revert_option AJAX endpoint in all versions up to, and including, 0.0.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to revert options."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2025-11-05T02:25:52.638Z"}}}, "cveMetadata": {"cveId": "CVE-2025-12582", "state": "PUBLISHED", "dateUpdated": "2025-11-05T18:57:22.260Z", "dateReserved": "2025-10-31T21:37:45.321Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-11-05T02:25:52.638Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Features plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'features_revert_option AJAX endpoint in all versions up to, and including, 0.0.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to revert options."}], "id": "CVE-2025-12582", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-11-05T03:15:42.703", "references": [{"source": "security@wordfence.com", "url": "https://wordpress.org/plugins/features/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4a6efab8-04a0-459f-a791-9360c83e5dbe?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T03:56:38.535447+00:00", "value": {"mitigation_remediation": ["Upgrade the Features plugin to a version that restores the missing capability check", "If an upgrade is not yet possible, add custom code or a security plugin to unregister the \"features_revert_option\" AJAX action for non\u2011admin roles", "Apply strong account security measures such as multi\u2011factor authentication for all WordPress users to reduce the risk of compromised Subscriber credentials"], "summary": {"action": "Patch", "impact": "Unauthorized data modification through missing authorization"}, "threat_synthesis": {"affected_systems": "The vulnerability exists in all klicher Features WordPress plugin releases up to version 0.0.2. Websites that have not upgraded beyond that version and have Subscriber (or higher) accounts are at risk.", "description_and_impact": "The Features WordPress plugin contains a missing capability check on the \"features_revert_option\" AJAX endpoint available in all releases up to and including 0.0.2. This flaw permits any authenticated user with a Subscriber role or higher to invoke the endpoint and revert plugin options without proper authorization. The weakness is a classic Missing Authorization error, classified as CWE\u2011862, resulting in an integrity violation of the site\u2019s configuration.", "risk_and_exploitability": "The CVSS score of 4.3 indicates low severity, and the EPSS score of less than 1% shows a very low probability of exploitation. The flaw is not listed in CISA's KEV catalog, implying no widespread exploitation has been reported. An attacker needs only a valid WordPress login with Subscriber or higher permissions and the ability to call the AJAX endpoint; the exploitation consists of sending a request that triggers the revert action."}}}}, "created": "2025-11-05T10:47:01.922788+00:00", "updated": "2026-04-22T04:00:08.019514+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}