{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-14070", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-12-04T21:14:37.597Z", "datePublished": "2026-01-07T09:21:01.280Z", "dateUpdated": "2026-04-08T17:11:37.962Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:11:37.962Z"}, "affected": [{"vendor": "xfinitysoft", "product": "Reviewify \u2014 Review Discounts & Photo/Video Reviews for WooCommerce", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.0.7", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Reviewify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'send_test_email' AJAX action in all versions up to, and including, 1.0.7. This makes it possible for authenticated attackers, with Contributor-level access and above, to create arbitrary WooCommerce discount coupons, potentially causing financial loss to the store."}], "title": "Reviewify <= 1.0.7 - Missing Authorization to Authenticated (Contributor+) Arbitrary WooCommerce Coupon Creation", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9db8756a-a177-4d39-b169-dc874cac2b3b?source=cve"}, {"url": "https://cwe.mitre.org/data/definitions/862.html"}, {"url": "https://plugins.trac.wordpress.org/browser/review-for-discount/trunk/admin/class-xswcrd-review-discounts-admin.php#L425"}, {"url": "https://plugins.trac.wordpress.org/browser/review-for-discount/tags/1.0.6/admin/class-xswcrd-review-discounts-admin.php#L425"}, {"url": "https://plugins.trac.wordpress.org/changeset/3434387/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization", "cweId": "CWE-862", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "credits": [{"lang": "en", "type": "finder", "value": "Itthidej Aramsri"}], "timeline": [{"time": "2026-01-06T20:33:33.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-07T14:38:57.666312Z", "id": "CVE-2025-14070", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-07T14:39:21.080Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-14070", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-07T14:38:57.666312Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-07T14:39:16.955Z"}}], "cna": {"title": "Reviewify <= 1.0.7 - Missing Authorization to Authenticated (Contributor+) Arbitrary WooCommerce Coupon Creation", "credits": [{"lang": "en", "type": "finder", "value": "Itthidej Aramsri"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}}], "affected": [{"vendor": "xfinitysoft", "product": "Reviewify \u2014 Review Discounts & Photo/Video Reviews for WooCommerce", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.0.7"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2026-01-06T20:33:33.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9db8756a-a177-4d39-b169-dc874cac2b3b?source=cve"}, {"url": "https://cwe.mitre.org/data/definitions/862.html"}, {"url": "https://plugins.trac.wordpress.org/browser/review-for-discount/trunk/admin/class-xswcrd-review-discounts-admin.php#L425"}, {"url": "https://plugins.trac.wordpress.org/browser/review-for-discount/tags/1.0.6/admin/class-xswcrd-review-discounts-admin.php#L425"}, {"url": "https://plugins.trac.wordpress.org/changeset/3434387/"}], "descriptions": [{"lang": "en", "value": "The Reviewify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'send_test_email' AJAX action in all versions up to, and including, 1.0.7. This makes it possible for authenticated attackers, with Contributor-level access and above, to create arbitrary WooCommerce discount coupons, potentially causing financial loss to the store."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:11:37.962Z"}}}, "cveMetadata": {"cveId": "CVE-2025-14070", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:11:37.962Z", "dateReserved": "2025-12-04T21:14:37.597Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2026-01-07T09:21:01.280Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Reviewify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'send_test_email' AJAX action in all versions up to, and including, 1.0.7. This makes it possible for authenticated attackers, with Contributor-level access and above, to create arbitrary WooCommerce discount coupons, potentially causing financial loss to the store."}, {"lang": "es", "value": "El plugin Reviewify para WordPress es vulnerable a la modificaci\u00f3n no autorizada de datos debido a una comprobaci\u00f3n de capacidad faltante en la acci\u00f3n AJAX 'send_test_email' en todas las versiones hasta la 1.0.6, inclusive. Esto hace posible que atacantes autenticados, con acceso de nivel Colaborador y superior, creen cupones de descuento de WooCommerce arbitrarios, potencialmente causando p\u00e9rdidas financieras a la tienda."}], "id": "CVE-2025-14070", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2026-01-07T12:16:51.800", "references": [{"source": "security@wordfence.com", "url": "https://cwe.mitre.org/data/definitions/862.html"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/review-for-discount/tags/1.0.6/admin/class-xswcrd-review-discounts-admin.php#L425"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/review-for-discount/trunk/admin/class-xswcrd-review-discounts-admin.php#L425"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3434387/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9db8756a-a177-4d39-b169-dc874cac2b3b?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T16:36:30.571066+00:00", "value": {"mitigation_remediation": ["Upgrade Reviewify to the latest released version, which includes the missing capability check for the AJAX action.", "If upgrading is delayed, restrict or revoke the Contributor role\u2019s access to the \u2018send_test_email\u2019 AJAX endpoint by editing plugin files or using a security plug\u2011in to block the action for non\u2011admin users.", "Monitor store logs for unexpected coupon creation activity and review any new discount codes that appear without owner authorization."], "summary": {"action": "Patch Immediately", "impact": "Unauthorized creation of WooCommerce discount coupons leading to financial loss"}, "threat_synthesis": {"affected_systems": "The flaw affects Version 1.0.7 and all earlier releases of Reviewify by xfinitysoft, a WordPress plugin used to manage reviews and discount code integration with WooCommerce. Any WordPress installation that has a vulnerable Reviewify plugin and allows Contributor\u2011level users to log in is susceptible.", "description_and_impact": "The Reviewify plugin contains a missing capability check on the \u201csend_test_email\u201d AJAX action that allows any authenticated user with the Contributor role or higher to create arbitrary WooCommerce discount coupons. This flaw enables the attacker to generate coupons that apply undesired discounts, potentially resulting in direct financial loss for the store.", "risk_and_exploitability": "The vulnerability can be exploited through a normal web request to the AJAX endpoint that is otherwise protected by a missing capability check. Attackers need only an authenticated Contributor or higher account, which is commonly available on many sites. The CVSS score of 7.5 indicates a moderate to high severity, but the EPSS score of less than 1% signals a low likelihood of widespread exploitation at present. The vulnerability is not listed in the CISA KEV catalog. While the risk of a successful exploit is moderate, the potential impact on revenue makes it important to remediate promptly."}}}}, "created": "2026-01-08T09:50:02.867049+00:00", "updated": "2026-04-21T16:45:15.213922+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}