{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-3104", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-04-01T21:47:26.857Z", "datePublished": "2025-04-16T08:22:17.436Z", "dateUpdated": "2026-04-08T16:54:18.717Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:54:18.717Z"}, "affected": [{"vendor": "WPStaging", "product": "WP STAGING Pro WordPress Backup Plugin", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "6.1.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The WP STAGING Pro WordPress Backup Plugin for WordPress is vulnerable to Information Exposure in all versions up to and including 6.1.2 due to missing capability checks on the getOutdatedPluginsRequest() function. This makes it possible for unauthenticated attackers to reveal outdated installed active or inactive plugins."}], "title": "WP Staging Pro <= 6.1.2 - Unauthenticated Information Exposure via getOutdatedPluginsRequest Function", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/572e290e-9324-4c17-8c3b-fa67233b15c4?source=cve"}, {"url": "https://wp-staging.com/wp-staging-pro-changelog/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", "cweId": "CWE-200", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "haidv35"}], "timeline": [{"time": "2025-04-15T19:52:04.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-16T14:12:26.011086Z", "id": "CVE-2025-3104", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-16T14:34:09.724Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-3104", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-16T14:12:26.011086Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-16T14:12:52.590Z"}}], "cna": {"title": "WP Staging Pro <= 6.1.2 - Unauthenticated Information Exposure via getOutdatedPluginsRequest Function", "credits": [{"lang": "en", "type": "finder", "value": "haidv35"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}}], "affected": [{"vendor": "WPStaging", "product": "WP STAGING Pro WordPress Backup Plugin", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "6.1.2"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-04-15T19:52:04.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/572e290e-9324-4c17-8c3b-fa67233b15c4?source=cve"}, {"url": "https://wp-staging.com/wp-staging-pro-changelog/"}], "descriptions": [{"lang": "en", "value": "The WP STAGING Pro WordPress Backup Plugin for WordPress is vulnerable to Information Exposure in all versions up to and including 6.1.2 due to missing capability checks on the getOutdatedPluginsRequest() function. This makes it possible for unauthenticated attackers to reveal outdated installed active or inactive plugins."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:54:18.717Z"}}}, "cveMetadata": {"cveId": "CVE-2025-3104", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:54:18.717Z", "dateReserved": "2025-04-01T21:47:26.857Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-04-16T08:22:17.436Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The WP STAGING Pro WordPress Backup Plugin for WordPress is vulnerable to Information Exposure in all versions up to and including 6.1.2 due to missing capability checks on the getOutdatedPluginsRequest() function. This makes it possible for unauthenticated attackers to reveal outdated installed active or inactive plugins."}, {"lang": "es", "value": "El complemento WP STAGING Pro WordPress Backup para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n en todas las versiones hasta la 6.1.2 incluida, debido a la falta de comprobaciones de capacidad en la funci\u00f3n getOutdatedPluginsRequest(). Esto permite que atacantes no autenticados revelen complementos instalados, activos o inactivos, obsoletos."}], "id": "CVE-2025-3104", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-04-16T09:15:28.030", "references": [{"source": "security@wordfence.com", "url": "https://wp-staging.com/wp-staging-pro-changelog/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/572e290e-9324-4c17-8c3b-fa67233b15c4?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T04:13:26.821063+00:00", "value": {"mitigation_remediation": ["Upgrade WP STAGING Pro to version 6.1.3 or later to include the missing capability checks.", "Restrict access to the plugin\u2019s admin interface so that only users with appropriate permissions can perform plugin management tasks.", "Disable or block unauthenticated requests to the getOutdatedPluginsRequest endpoint by configuring the web server or adding network-level rules."], "summary": {"action": "Apply Patch", "impact": "Information Exposure"}, "threat_synthesis": {"affected_systems": "All WordPress installations that have the WP STAGING Pro plugin installed with a version number up to and including 6.1.2 are affected. The vulnerability applies regardless of the number or type of plugins present on the site; every instance of the plugin in those versions is susceptible. Sites running newer versions of the plugin are not impacted.", "description_and_impact": "The WP STAGING Pro WordPress Backup Plugin contains a flaw where the getOutdatedPluginsRequest() function lacks a capability check, allowing anyone without authentication to invoke it. This results in an information disclosure that reveals the list of active and inactive plugins and their versions on the site. The primary impact is the accidental exposure of potentially sensitive plugin details, which could be used for reconnaissance but does not facilitate code execution or other direct attacks.", "risk_and_exploitability": "The CVSS score of 5.3 places this flaw in the moderate severity range, while the EPSS score of less than 1% indicates a very low probability of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog. Based on the description, the likely attack vector is an unauthenticated HTTP request to the getOutdatedPluginsRequest endpoint. Due to the missing capability check, an attacker can simply send a request to the relevant endpoint, such as /wp-admin/admin-ajax.php?action=getOutdatedPluginsRequest, from any external network to retrieve plugin information. No special privileges are required, making the attack vector straightforward for unauthenticated users."}}}}, "created": "2026-04-22T04:15:07.540441+00:00", "updated": "2026-04-22T04:15:07.540451+00:00", "vendors": []}