{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-14270", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-12-08T14:15:55.997Z", "datePublished": "2026-02-19T04:36:21.072Z", "dateUpdated": "2026-04-08T17:17:02.176Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:17:02.176Z"}, "affected": [{"vendor": "walterpinem", "product": "OneClick Chat to Order", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.0.9", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The OneClick Chat to Order plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.0.9. This is due to the plugin not properly verifying that a user is authorized to perform an action in the wa_order_number_save_number_field function. This makes it possible for authenticated attackers, with Editor-level access and above, to modify WhatsApp phone numbers used by the plugin, redirecting customer orders and messages to attacker-controlled phone numbers."}], "title": "OneClick Chat to Order <= 1.0.9 - Missing Authorization to Authenticated (Editor+) Plugin Settings Update", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b4b5cc5e-af82-49e0-a0b5-d27c3631a102?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/oneclick-whatsapp-order/tags/1.0.9/includes/multiple-numbers.php#L156"}, {"url": "https://plugins.trac.wordpress.org/browser/oneclick-whatsapp-order/tags/1.0.9/includes/multiple-numbers.php#L26"}, {"url": "https://developer.wordpress.org/plugins/security/checking-user-capabilities/"}, {"url": "https://developer.wordpress.org/plugins/security/nonces/"}, {"url": "https://cwe.mitre.org/data/definitions/862.html"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3417664%40oneclick-whatsapp-order&new=3417664%40oneclick-whatsapp-order&sfp_email=&sfph_mail="}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization", "cweId": "CWE-862", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N", "baseScore": 2.7, "baseSeverity": "LOW"}}], "credits": [{"lang": "en", "type": "finder", "value": "Mohammad Amin Hajian"}], "timeline": [{"time": "2026-02-18T16:05:27.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-24T01:35:01.408068Z", "id": "CVE-2025-14270", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-24T01:35:17.117Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-14270", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-24T01:35:01.408068Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-24T01:35:11.933Z"}}], "cna": {"title": "OneClick Chat to Order <= 1.0.9 - Missing Authorization to Authenticated (Editor+) Plugin Settings Update", "credits": [{"lang": "en", "type": "finder", "value": "Mohammad Amin Hajian"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 2.7, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "walterpinem", "product": "OneClick Chat to Order", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "1.0.9"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2026-02-18T16:05:27.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b4b5cc5e-af82-49e0-a0b5-d27c3631a102?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/oneclick-whatsapp-order/tags/1.0.9/includes/multiple-numbers.php#L156"}, {"url": "https://plugins.trac.wordpress.org/browser/oneclick-whatsapp-order/tags/1.0.9/includes/multiple-numbers.php#L26"}, {"url": "https://developer.wordpress.org/plugins/security/checking-user-capabilities/"}, {"url": "https://developer.wordpress.org/plugins/security/nonces/"}, {"url": "https://cwe.mitre.org/data/definitions/862.html"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3417664%40oneclick-whatsapp-order&new=3417664%40oneclick-whatsapp-order&sfp_email=&sfph_mail="}], "descriptions": [{"lang": "en", "value": "The OneClick Chat to Order plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.0.9. This is due to the plugin not properly verifying that a user is authorized to perform an action in the wa_order_number_save_number_field function. This makes it possible for authenticated attackers, with Editor-level access and above, to modify WhatsApp phone numbers used by the plugin, redirecting customer orders and messages to attacker-controlled phone numbers."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-02-19T04:36:21.072Z"}}}, "cveMetadata": {"cveId": "CVE-2025-14270", "state": "PUBLISHED", "dateUpdated": "2026-02-24T01:35:17.117Z", "dateReserved": "2025-12-08T14:15:55.997Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2026-02-19T04:36:21.072Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The OneClick Chat to Order plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.0.9. This is due to the plugin not properly verifying that a user is authorized to perform an action in the wa_order_number_save_number_field function. This makes it possible for authenticated attackers, with Editor-level access and above, to modify WhatsApp phone numbers used by the plugin, redirecting customer orders and messages to attacker-controlled phone numbers."}, {"lang": "es", "value": "El plugin OneClick Chat to Order para WordPress es vulnerable a una omisi\u00f3n de autorizaci\u00f3n en versiones hasta la 1.0.9, inclusive. Esto se debe a que el plugin no verifica correctamente que un usuario est\u00e1 autorizado para realizar una acci\u00f3n en la funci\u00f3n wa_order_number_save_number_field. Esto hace posible que atacantes autenticados, con acceso de nivel Editor o superior, modifiquen los n\u00fameros de tel\u00e9fono de WhatsApp utilizados por el plugin, redirigiendo pedidos y mensajes de clientes a n\u00fameros de tel\u00e9fono controlados por el atacante."}], "id": "CVE-2025-14270", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2026-02-19T07:17:34.523", "references": [{"source": "security@wordfence.com", "url": "https://cwe.mitre.org/data/definitions/862.html"}, {"source": "security@wordfence.com", "url": "https://developer.wordpress.org/plugins/security/checking-user-capabilities/"}, {"source": "security@wordfence.com", "url": "https://developer.wordpress.org/plugins/security/nonces/"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/oneclick-whatsapp-order/tags/1.0.9/includes/multiple-numbers.php#L156"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/oneclick-whatsapp-order/tags/1.0.9/includes/multiple-numbers.php#L26"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3417664%40oneclick-whatsapp-order&new=3417664%40oneclick-whatsapp-order&sfp_email=&sfph_mail="}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b4b5cc5e-af82-49e0-a0b5-d27c3631a102?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.0.9]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "OneClick Chat to Order", "source": "cna", "vendor": "walterpinem"}, "product": "oneclick_chat_to_order", "vendor": "walterpinem"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-20T20:51:26.836857+00:00", "value": {"mitigation_remediation": ["Upgrade the OneClick Chat to Order plugin to a version newer than 1.0.9 that implements proper authorization checks.", "If an upgrade is not immediately feasible, disable the plugin to prevent modification of phone numbers until a fix is applied.", "Restrict Editor and higher roles from accessing the plugin settings page through custom capability adjustments or role management plugins.", "Verify that all plugin settings changes are protected by WordPress nonces and capability checks before deployment."], "summary": {"action": "Update Plugin", "impact": "Authorization Bypass"}, "threat_synthesis": {"affected_systems": "The vendor walterpimen publishes the OneClick Chat to Order plugin. Versions up to and including 1.0.9 are vulnerable. Updating to any release newer than 1.0.9 removes the verification issue.\n", "description_and_impact": "The OneClick Chat to Order plugin for WordPress is affected by an unauthorized modification vulnerability (CWE-862). The plugin fails to verify that an authenticated user has permission to change phone number settings in the wa_order_number_save_number_field function. A malicious Editor or higher level user can alter the phone numbers used for WhatsApp orders, causing customer orders and communications to be redirected to attacker-controlled numbers. This flaw does not provide code execution but enables malicious modification of configuration data, potentially allowing fraud and loss of revenue.", "risk_and_exploitability": "The CVSS score is 2.7, indicating a low severity flaw. The EPSS score is less than 1%, implying a very low probability of exploitation in the wild, and it is not listed in the CISA KEV catalog. The likely attack vector is through the WordPress administrative interface where a user with Editor or higher capability can access plugin settings. Because the flaw requires prior authenticated access it is not exploitable by unauthenticated users, but any site where Editors have approval authority is at risk."}}}}, "created": "2026-02-19T10:06:58.870562+00:00", "updated": "2026-04-20T21:00:12.956838+00:00", "vendors": ["walterpinem", "walterpinem$PRODUCT$oneclick_chat_to_order", "wordpress", "wordpress$PRODUCT$wordpress"]}