{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-12814", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-11-06T16:54:37.938Z", "datePublished": "2025-11-19T05:45:15.686Z", "dateUpdated": "2026-04-08T17:12:52.721Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:12:52.721Z"}, "affected": [{"vendor": "softaculous", "product": "SiteSEO \u2013 SEO Simplified", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.3.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The SiteSEO \u2013 SEO Simplified plugin for WordPress is vulnerable to unauthorized modification of data due to n incorrect capability check on the siteseo_reset_settings function in all versions up to, and including, 1.3.2. This makes it possible for authenticated attackers, who have been granted access to at least on SiteSEO setting capability, to reset the plugin's settings."}], "title": "SiteSEO \u2013 SEO Simplified <= 1.3.2 - Improper Authorization to Authenticated Settings Reset", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a376cafb-656c-4fe1-b5c1-c7e38dc5040e?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/siteseo/tags/1.3.2/main/ajax.php#L90"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3397272%40siteseo&new=3397272%40siteseo&sfp_email=&sfph_mail="}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-285 Improper Authorization", "cweId": "CWE-285", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Supakiad S."}], "timeline": [{"time": "2025-11-07T18:41:14.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-11-18T17:31:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-11-19T18:39:55.197379Z", "id": "CVE-2025-12814", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-19T18:40:27.851Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-12814", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-11-19T18:39:55.197379Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-19T18:40:23.883Z"}}], "cna": {"title": "SiteSEO \u2013 SEO Simplified <= 1.3.2 - Improper Authorization to Authenticated Settings Reset", "credits": [{"lang": "en", "type": "finder", "value": "Supakiad S."}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "softaculous", "product": "SiteSEO \u2013 SEO Simplified", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.3.2"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-11-07T18:41:14.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-11-18T17:31:00.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a376cafb-656c-4fe1-b5c1-c7e38dc5040e?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/siteseo/tags/1.3.2/main/ajax.php#L90"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3397272%40siteseo&new=3397272%40siteseo&sfp_email=&sfph_mail="}], "descriptions": [{"lang": "en", "value": "The SiteSEO \u2013 SEO Simplified plugin for WordPress is vulnerable to unauthorized modification of data due to n incorrect capability check on the siteseo_reset_settings function in all versions up to, and including, 1.3.2. This makes it possible for authenticated attackers, who have been granted access to at least on SiteSEO setting capability, to reset the plugin's settings."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-285", "description": "CWE-285 Improper Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:12:52.721Z"}}}, "cveMetadata": {"cveId": "CVE-2025-12814", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:12:52.721Z", "dateReserved": "2025-11-06T16:54:37.938Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-11-19T05:45:15.686Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The SiteSEO \u2013 SEO Simplified plugin for WordPress is vulnerable to unauthorized modification of data due to n incorrect capability check on the siteseo_reset_settings function in all versions up to, and including, 1.3.2. This makes it possible for authenticated attackers, who have been granted access to at least on SiteSEO setting capability, to reset the plugin's settings."}], "id": "CVE-2025-12814", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-11-19T06:15:46.617", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/siteseo/tags/1.3.2/main/ajax.php#L90"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3397272%40siteseo&new=3397272%40siteseo&sfp_email=&sfph_mail="}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a376cafb-656c-4fe1-b5c1-c7e38dc5040e?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-285"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T01:29:55.622868+00:00", "value": {"mitigation_remediation": ["Update the SiteSEO \u2013 SEO Simplified plugin to version 1.3.3 or later, where the capability check is corrected.", "If an immediate plugin update is not feasible, revoke or restrict the SiteSEO settings capability from users who do not require it.", "Audit WordPress user roles and capabilities to ensure only trusted administrators retain SiteSEO management rights."], "summary": {"action": "Patch Plugin", "impact": "Unauthorized configuration change"}, "threat_synthesis": {"affected_systems": "The flaw affects the SiteSEO \u2013 SEO Simplified plugin (Softaculous) on all installed versions up to and including 1.3.2. It applies to any WordPress site where the plugin is active and the user has SiteSEO setting permissions.", "description_and_impact": "The SiteSEO \u2013 SEO Simplified WordPress plugin is vulnerable because the siteseo_reset_settings function performs an incorrect capability check, allowing an authenticated user with any SiteSEO setting capability to reset the plugin\u2019s configuration. This flaw permits attackers to wipe custom SEO settings and disrupt site visibility, although it does not lead to remote code execution or data exfiltration.", "risk_and_exploitability": "The CVSS score of 5.3 indicates moderate severity, and the EPSS score of less than 1% suggests a low likelihood of exploitation. It is not listed in the CISA KEV catalog. The attack vector requires an authenticated user with at least SiteSEO setting capability\u2014a privilege escalation scenario. The vulnerability allows only configuration resets, not arbitrary code execution or data loss."}}}}, "created": "2025-11-21T09:16:10.248064+00:00", "updated": "2026-04-21T01:30:24.404277+00:00", "vendors": ["softaculous", "softaculous$PRODUCT$siteseo", "wordpress", "wordpress$PRODUCT$wordpress"]}