{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-1530", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-02-21T00:47:08.805Z", "datePublished": "2025-03-15T11:13:28.584Z", "dateUpdated": "2026-04-08T17:28:05.660Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:28:05.660Z"}, "affected": [{"vendor": "tripetto", "product": "WordPress form builder plugin for contact forms, surveys and quizzes \u2013 Tripetto", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "8.0.9", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Tripetto plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.0.9. This is due to missing nonce validation. This makes it possible for unauthenticated attackers to delete arbitrary results via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "title": "Tripetto <= 8.0.9 - Cross-Site Request Forgery to Arbitrary Results Deletion", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dd80abd9-3f41-414a-a781-9bff7d85ec4b?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/tripetto/trunk/lib/capabilities.php"}, {"url": "https://wordpress.org/plugins/tripetto/#developers"}, {"url": "https://plugins.trac.wordpress.org/changeset/3251202/tripetto/trunk/admin/results/list.php"}, {"url": "https://plugins.trac.wordpress.org/changeset/3251202/"}, {"url": "https://plugins.trac.wordpress.org/changeset/3251202/tripetto/trunk/admin/results/results.php"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "cweId": "CWE-352", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Duc Manh"}], "timeline": [{"time": "2025-03-14T22:58:21.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-03-17T21:25:11.292083Z", "id": "CVE-2025-1530", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-17T21:27:38.567Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-1530", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-03-17T21:25:11.292083Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-17T21:25:12.511Z"}}], "cna": {"title": "Tripetto <= 8.0.9 - Cross-Site Request Forgery to Arbitrary Results Deletion", "credits": [{"lang": "en", "type": "finder", "value": "Duc Manh"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "tripetto", "product": "WordPress form builder plugin for contact forms, surveys and quizzes \u2013 Tripetto", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "8.0.9"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-03-14T22:58:21.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dd80abd9-3f41-414a-a781-9bff7d85ec4b?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/tripetto/trunk/lib/capabilities.php"}, {"url": "https://wordpress.org/plugins/tripetto/#developers"}, {"url": "https://plugins.trac.wordpress.org/changeset/3251202/tripetto/trunk/admin/results/list.php"}, {"url": "https://plugins.trac.wordpress.org/changeset/3251202/"}, {"url": "https://plugins.trac.wordpress.org/changeset/3251202/tripetto/trunk/admin/results/results.php"}], "descriptions": [{"lang": "en", "value": "The Tripetto plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.0.9. This is due to missing nonce validation. This makes it possible for unauthenticated attackers to delete arbitrary results via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-352", "description": "CWE-352 Cross-Site Request Forgery (CSRF)"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:28:05.660Z"}}}, "cveMetadata": {"cveId": "CVE-2025-1530", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:28:05.660Z", "dateReserved": "2025-02-21T00:47:08.805Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-03-15T11:13:28.584Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tripetto:tripetto:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "881B126F-8C5E-4D36-A358-9957A90BC27D", "versionEndExcluding": "8.0.10", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Tripetto plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.0.9. This is due to missing nonce validation. This makes it possible for unauthenticated attackers to delete arbitrary results via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}, {"lang": "es", "value": "El complemento Tripetto para WordPress es vulnerable a Cross-Site Request Forgery en todas las versiones hasta la 8.0.9 incluida. Esto se debe a la falta de validaci\u00f3n de nonce. Esto permite que atacantes no autenticados eliminen resultados arbitrarios mediante una solicitud falsificada, ya que pueden enga\u00f1ar al administrador del sitio para que realice una acci\u00f3n como hacer clic en un enlace."}], "id": "CVE-2025-1530", "lastModified": "2025-03-25T20:02:28.730", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-03-15T12:15:11.890", "references": [{"source": "security@wordfence.com", "tags": ["Product"], "url": "https://plugins.trac.wordpress.org/browser/tripetto/trunk/lib/capabilities.php"}, {"source": "security@wordfence.com", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/changeset/3251202/"}, {"source": "security@wordfence.com", "tags": ["Product"], "url": "https://plugins.trac.wordpress.org/changeset/3251202/tripetto/trunk/admin/results/list.php"}, {"source": "security@wordfence.com", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/changeset/3251202/tripetto/trunk/admin/results/results.php"}, {"source": "security@wordfence.com", "tags": ["Product"], "url": "https://wordpress.org/plugins/tripetto/#developers"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dd80abd9-3f41-414a-a781-9bff7d85ec4b?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "security@wordfence.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-352"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T21:51:53.334666+00:00", "value": {"mitigation_remediation": ["Upgrade the Tripetto plugin to the latest stable version (\u22658.1.0) to restore nonce validation for result deletion.", "Configure WordPress user roles to limit the 'Delete results' capability to administrators only, using the built\u2011in role editor or a role management plugin.", "If the result deletion feature is not required, disable it completely by adjusting plugin settings or adding a small code snippet.", "Continuously monitor the results dashboard and audit logs for any unexpected deletions to detect possible exploitation."], "summary": {"action": "Apply patch", "impact": "Unrestricted deletion of tripetto form results"}, "threat_synthesis": {"affected_systems": "All WordPress installations that use the Tripetto plugin version 8.0.9 or earlier are affected. The vulnerability is present in the core Tripetto plugin delivered as a WordPress form builder, surveys and quizzes extension.", "description_and_impact": "The Tripetto WordPress plugin suffers from a Cross\u2011Site Request Forgery flaw caused by missing nonce validation in all releases up to 8.0.9. A victim attacker who can persuade a site administrator to click a crafted link can initiate a request that deletes any form submission stored by the plugin. This results in loss of data integrity and availability for any surveys, quizzes, or contact forms managed through Tripetto.", "risk_and_exploitability": "The CVSS score of 4.3 indicates moderate severity. The EPSS score of less than 1% suggests a very low probability of exploitation at present, and the vulnerability is not listed in the CISA KEV catalog. The attack vector is Cross\u2011Site Request Forgery; it requires that an unauthenticated attacker convince a legitimate site administrator to perform a specific action such as clicking a link. If successful, the attacker can delete arbitrary form results, potentially impacting data availability but not code execution or system compromise."}}}}, "created": "2026-04-21T22:00:26.595503+00:00", "updated": "2026-04-21T22:00:26.595514+00:00", "vendors": []}