{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-12639", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-11-03T18:30:22.794Z", "datePublished": "2025-11-18T09:27:39.489Z", "dateUpdated": "2026-04-08T17:10:28.087Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:10:28.087Z"}, "affected": [{"vendor": "sundayfanz", "product": "wModes \u2013 Catalog Mode, Product Pricing, Enquiry Forms & Promotions | for WooCommerce", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.2.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The wModes \u2013 Catalog Mode, Product Pricing, Enquiry Forms & Promotions plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.2.2. This is due to the plugin not properly verifying that a user is authorized to access sensitive information via the AJAX endpoint. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract sensitive information including user emails, usernames, roles, capabilities, and WooCommerce data such as products and payment methods."}], "title": "wModes \u2013 Catalog Mode, Product Pricing, Enquiry Forms & Promotions | for WooCommerce <= 1.2.2 - Missing Authorization to Sensitive Information Disclosure", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/979001c4-45dd-4168-8749-c8eebe237b60?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/catalog-mode-pricing-enquiry-forms-promotions/tags/1.2.1/framework/reon/core/class.reon.core.ajax.php#L12"}, {"url": "https://plugins.trac.wordpress.org/browser/catalog-mode-pricing-enquiry-forms-promotions/tags/1.2.1/framework/reon/core/class.reon.core.ajax.php#L29"}, {"url": "https://plugins.trac.wordpress.org/browser/catalog-mode-pricing-enquiry-forms-promotions/tags/1.2.1/framework/reon/core/class.reon.core.ajax.php#L165"}, {"url": "https://plugins.trac.wordpress.org/changeset/3392651/catalog-mode-pricing-enquiry-forms-promotions/trunk?contextall=1&old=3390779&old_path=%2Fcatalog-mode-pricing-enquiry-forms-promotions%2Ftrunk#file11"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization", "cweId": "CWE-862", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "NumeX"}], "timeline": [{"time": "2025-11-17T20:52:07.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-11-18T21:10:07.821703Z", "id": "CVE-2025-12639", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-18T21:10:14.550Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-12639", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-11-18T21:10:07.821703Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-18T21:10:11.749Z"}}], "cna": {"title": "wModes \u2013 Catalog Mode, Product Pricing, Enquiry Forms & Promotions | for WooCommerce <= 1.2.2 - Missing Authorization to Sensitive Information Disclosure", "credits": [{"lang": "en", "type": "finder", "value": "NumeX"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}}], "affected": [{"vendor": "sundayfanz", "product": "wModes \u2013 Catalog Mode, Product Pricing, Enquiry Forms & Promotions | for WooCommerce", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.2.2"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-11-17T20:52:07.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/979001c4-45dd-4168-8749-c8eebe237b60?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/catalog-mode-pricing-enquiry-forms-promotions/tags/1.2.1/framework/reon/core/class.reon.core.ajax.php#L12"}, {"url": "https://plugins.trac.wordpress.org/browser/catalog-mode-pricing-enquiry-forms-promotions/tags/1.2.1/framework/reon/core/class.reon.core.ajax.php#L29"}, {"url": "https://plugins.trac.wordpress.org/browser/catalog-mode-pricing-enquiry-forms-promotions/tags/1.2.1/framework/reon/core/class.reon.core.ajax.php#L165"}, {"url": "https://plugins.trac.wordpress.org/changeset/3392651/catalog-mode-pricing-enquiry-forms-promotions/trunk?contextall=1&old=3390779&old_path=%2Fcatalog-mode-pricing-enquiry-forms-promotions%2Ftrunk#file11"}], "descriptions": [{"lang": "en", "value": "The wModes \u2013 Catalog Mode, Product Pricing, Enquiry Forms & Promotions plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.2.2. This is due to the plugin not properly verifying that a user is authorized to access sensitive information via the AJAX endpoint. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract sensitive information including user emails, usernames, roles, capabilities, and WooCommerce data such as products and payment methods."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:10:28.087Z"}}}, "cveMetadata": {"cveId": "CVE-2025-12639", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:10:28.087Z", "dateReserved": "2025-11-03T18:30:22.794Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-11-18T09:27:39.489Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The wModes \u2013 Catalog Mode, Product Pricing, Enquiry Forms & Promotions plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.2.2. This is due to the plugin not properly verifying that a user is authorized to access sensitive information via the AJAX endpoint. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract sensitive information including user emails, usernames, roles, capabilities, and WooCommerce data such as products and payment methods."}], "id": "CVE-2025-12639", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-11-18T10:15:48.137", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/catalog-mode-pricing-enquiry-forms-promotions/tags/1.2.1/framework/reon/core/class.reon.core.ajax.php#L12"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/catalog-mode-pricing-enquiry-forms-promotions/tags/1.2.1/framework/reon/core/class.reon.core.ajax.php#L165"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/catalog-mode-pricing-enquiry-forms-promotions/tags/1.2.1/framework/reon/core/class.reon.core.ajax.php#L29"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3392651/catalog-mode-pricing-enquiry-forms-promotions/trunk?contextall=1&old=3390779&old_path=%2Fcatalog-mode-pricing-enquiry-forms-promotions%2Ftrunk#file11"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/979001c4-45dd-4168-8749-c8eebe237b60?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T18:14:24.143138+00:00", "value": {"mitigation_remediation": ["Update the wModes plugin to the latest version, which removes the vulnerable AJAX endpoint logic.", "Restrict subscriber and lower user roles from accessing sensitive plugin features or remove subscriber accounts that are unnecessary.", "Configure a web application firewall or .htaccess rule to block direct access to the plugin\u2019s AJAX endpoint URLs."], "summary": {"action": "Apply Patch", "impact": "Sensitive Information Disclosure"}, "threat_synthesis": {"affected_systems": "This issue affects the sundayfanz wModes plugin, versions up to and including v1.2.2, which is available for WordPress sites using WooCommerce. No specific operating system or WordPress version is listed; any installation running the affected plugin version is at risk.", "description_and_impact": "The wModes \u2013 Catalog Mode, Product Pricing, Enquiry Forms & Promotions plugin for WordPress suffers from an authorization bypass that allows a user with subscriber-level access or higher to read sensitive data. By sending crafted requests to an exposed AJAX endpoint, an attacker can download user emails, usernames, roles, capabilities and WooCommerce information such as products and payment methods, violating confidentiality.", "risk_and_exploitability": "The CVSS score of 4.3 indicates a moderate impact. The EPSS score is listed as < 1%, implying a low probability of exploitation in the general population, and the vulnerability is not present in the CISA KEV catalog. The likely attack vector is through an authenticated AJAX call, as the plugin fails to verify user permissions before returning sensitive data."}}}}, "created": "2025-11-19T10:47:59.019820+00:00", "updated": "2026-04-21T18:15:36.379560+00:00", "vendors": ["sundayfanz", "sundayfanz$PRODUCT$wmodes", "woocommerce", "woocommerce$PRODUCT$woocommerce", "wordpress", "wordpress$PRODUCT$wordpress"]}