{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-13528", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-11-21T20:13:43.820Z", "datePublished": "2025-12-05T05:31:29.864Z", "dateUpdated": "2026-04-08T17:32:47.536Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:32:47.536Z"}, "affected": [{"vendor": "nedwp", "product": "Feedback Modal for Website", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.0.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Feedback Modal for Website plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'handle_export' function in all versions up to, and including, 1.0.1. This makes it possible for unauthenticated attackers to export all feedback data in CSV or JSON format via the 'export_data' parameter."}], "title": "Feedback Modal for Website <= 1.0.1 - Missing Authorization to Unauthenticated Arbitrary Feedback Data Exfiltration via 'export_data' Parameter", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f3341c29-a69e-4618-a8a5-11f4141ff88f?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/feedback-modal-for-website/trunk/inc/admin/main.php#L1011"}, {"url": "https://plugins.trac.wordpress.org/browser/feedback-modal-for-website/tags/1.0.1/inc/admin/main.php#L1011"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization", "cweId": "CWE-862", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Abhirup Konwar"}], "timeline": [{"time": "2025-12-04T16:30:58.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-12-05T13:50:15.699727Z", "id": "CVE-2025-13528", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-05T13:50:45.740Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-13528", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-12-05T13:50:15.699727Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-05T13:50:29.431Z"}}], "cna": {"title": "Feedback Modal for Website <= 1.0.1 - Missing Authorization to Unauthenticated Arbitrary Feedback Data Exfiltration via 'export_data' Parameter", "credits": [{"lang": "en", "type": "finder", "value": "Abhirup Konwar"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}}], "affected": [{"vendor": "nedwp", "product": "Feedback Modal for Website", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.0.1"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-12-04T16:30:58.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f3341c29-a69e-4618-a8a5-11f4141ff88f?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/feedback-modal-for-website/trunk/inc/admin/main.php#L1011"}, {"url": "https://plugins.trac.wordpress.org/browser/feedback-modal-for-website/tags/1.0.1/inc/admin/main.php#L1011"}], "descriptions": [{"lang": "en", "value": "The Feedback Modal for Website plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'handle_export' function in all versions up to, and including, 1.0.1. This makes it possible for unauthenticated attackers to export all feedback data in CSV or JSON format via the 'export_data' parameter."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:32:47.536Z"}}}, "cveMetadata": {"cveId": "CVE-2025-13528", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:32:47.536Z", "dateReserved": "2025-11-21T20:13:43.820Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-12-05T05:31:29.864Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Feedback Modal for Website plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'handle_export' function in all versions up to, and including, 1.0.1. This makes it possible for unauthenticated attackers to export all feedback data in CSV or JSON format via the 'export_data' parameter."}], "id": "CVE-2025-13528", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-12-05T06:16:07.900", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/feedback-modal-for-website/tags/1.0.1/inc/admin/main.php#L1011"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/feedback-modal-for-website/trunk/inc/admin/main.php#L1011"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f3341c29-a69e-4618-a8a5-11f4141ff88f?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T17:44:34.245158+00:00", "value": {"mitigation_remediation": ["Update the Feedback Modal for Website plugin to the latest released version where the capability check has been added to the export function.", "If an update is not immediately available, block unauthenticated access to the export_data endpoint using a web\u2011application firewall rule or modify WordPress to remove the export handler for all users lacking the proper capability.", "Continuously monitor site logs for unexpected export_data requests and quarantine any accounts or IPs that trigger them."], "summary": {"action": "Patch Immediately", "impact": "Unauthorized export of all user feedback data"}, "threat_synthesis": {"affected_systems": "WordPress sites running the nedwp Feedback Modal for Website plugin up through version 1.0.1 are affected.", "description_and_impact": "The Feedback Modal for Website plugin contains an authorization bypass in its handle_export function. All versions up to 1.0.1 allow anyone to trigger the export_data parameter and download all collected feedback in CSV or JSON format. Because the check for the required capability is missing, the vulnerability permits uncontrolled disclosure of potentially sensitive user input, violating confidentiality.\n\nAffected systems are WordPress sites that have installed the nedwp Feedback Modal for Website plugin. Versions from the original release through 1.0.1 are vulnerable. The flaw exists in the plugin\u2019s admin code that handles export requests.\n\nRisk and exploitability are moderate (CVSS 5.3) but the EPSS score is below 1%, suggesting low current exploitation probability. The vulnerability is not in the CISA KEV catalog. Attackers can exploit it remotely via a simple HTTP request to the export_data endpoint, with no authentication required, making it straightforward for anyone with network access to extract all feedback data.", "risk_and_exploitability": "Moderate risk with a CVSS score of 5.3. The EPSS score indicates a very low exploitation probability (<1%). This vulnerability is not listed in the CISA KEV catalog. Attackers can remotely trigger the export_data endpoint without authentication, exploiting the missing capability check to exfiltrate all feedback data in CSV or JSON format."}}}}, "created": "2025-12-05T10:51:56.961018+00:00", "updated": "2026-04-21T17:45:16.493846+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}