{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-14392", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-12-09T21:22:03.662Z", "datePublished": "2025-12-12T03:20:50.367Z", "dateUpdated": "2026-04-08T17:05:13.299Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:05:13.299Z"}, "affected": [{"vendor": "darendev", "product": "Simple Theme Changer", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Simple Theme Changer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the user_theme_admin, display_method_admin, and set_change_theme_button_name actions actions in all versions up to, and including, 1.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify the plugin's settings."}], "title": "Simple Theme Changer <= 1.0. - Missing Authorization to Plugin Settings Update via AJAX Actions", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/880712ee-373f-49e7-93e3-968f3a0f3f83?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/simple-theme-changer/tags/1.0/class_theme_changer.php#L262"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization", "cweId": "CWE-862", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "dayea song"}], "timeline": [{"time": "2025-12-11T15:07:09.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-12-12T20:13:48.527180Z", "id": "CVE-2025-14392", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-15T18:13:42.851Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-14392", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-12-12T20:13:48.527180Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-12T20:14:17.327Z"}}], "cna": {"title": "Simple Theme Changer <= 1.0. - Missing Authorization to Plugin Settings Update via AJAX Actions", "credits": [{"lang": "en", "type": "finder", "value": "dayea song"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "darendev", "product": "Simple Theme Changer", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.0"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-12-11T15:07:09.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/880712ee-373f-49e7-93e3-968f3a0f3f83?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/simple-theme-changer/tags/1.0/class_theme_changer.php#L262"}], "descriptions": [{"lang": "en", "value": "The Simple Theme Changer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the user_theme_admin, display_method_admin, and set_change_theme_button_name actions actions in all versions up to, and including, 1.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify the plugin's settings."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:05:13.299Z"}}}, "cveMetadata": {"cveId": "CVE-2025-14392", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:05:13.299Z", "dateReserved": "2025-12-09T21:22:03.662Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-12-12T03:20:50.367Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Simple Theme Changer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the user_theme_admin, display_method_admin, and set_change_theme_button_name actions actions in all versions up to, and including, 1.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify the plugin's settings."}], "id": "CVE-2025-14392", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-12-12T04:15:50.110", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/simple-theme-changer/tags/1.0/class_theme_changer.php#L262"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/880712ee-373f-49e7-93e3-968f3a0f3f83?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T17:27:01.037218+00:00", "value": {"mitigation_remediation": ["Update the Simple Theme Changer plugin to the latest version that includes the missing capability check.", "If an update is not available, restrict the affected Ajax actions to users with administrator privileges or add an explicit capability check in these endpoints.", "Disable or remove the plugin if it is not essential to site functionality."], "summary": {"action": "Immediate Patch", "impact": "Unauthorized update of plugin settings by authenticated users with subscriber role or higher"}, "threat_synthesis": {"affected_systems": "WordPress sites using the Simple Theme Changer plugin by darendev, versions 1.0 and earlier.", "description_and_impact": "The Simple Theme Changer plugin contains missing capability checks on the user_theme_admin, display_method_admin, and set_change_theme_button_name Ajax actions in all versions up to 1.0. This flaw allows an authenticated attacker who is a subscriber or higher to modify the plugin's settings, potentially changing the site's theme or related display options. The weakness is a missing permission check, classified as CWE\u2011862.", "risk_and_exploitability": "The CVSS score of 4.3 indicates low to moderate severity. The EPSS score of less than 1% suggests a very low likelihood of exploitation, and the vulnerability is not listed in CISA's KEV catalog. Attackers need to be authenticated and possess at least subscriber privileges, after which they can issue Ajax requests to the vulnerable actions."}}}}, "created": "2025-12-12T08:48:00.598979+00:00", "updated": "2026-04-21T17:30:37.700773+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}