{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-3912", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-04-23T22:10:17.114Z", "datePublished": "2025-04-25T11:12:52.021Z", "dateUpdated": "2026-04-08T16:48:11.378Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:48:11.378Z"}, "affected": [{"vendor": "westguard", "product": "WS Form LITE \u2013 Drag & Drop Contact Form Builder", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.10.35", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The WS Form LITE \u2013 Drag & Drop Contact Form Builder for WordPress plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_config' function in all versions up to, and including, 1.10.35. This makes it possible for unauthenticated attackers to read the value of the plugin's settings, including API keys for integrated services."}], "title": "WS Form LITE \u2013 Drag & Drop Contact Form Builder for WordPress <= 1.10.35 - Missing Authorization to Unauthenticated Sensitive Information Exposure", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3f6058e2-a5ec-43b2-9cb7-9efcf0853ffc?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/ws-form/trunk/ws-form.php"}, {"url": "https://plugins.trac.wordpress.org/browser/ws-form/trunk/api/class-ws-form-api.php"}, {"url": "https://plugins.trac.wordpress.org/browser/ws-form/trunk/includes/class-ws-form-config.php"}, {"url": "https://plugins.trac.wordpress.org/browser/ws-form/trunk/includes/class-ws-form-common.php"}, {"url": "https://plugins.trac.wordpress.org/changeset/3280355/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization", "cweId": "CWE-862", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Amin Beheshti"}], "timeline": [{"time": "2025-04-24T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-25T13:53:31.896186Z", "id": "CVE-2025-3912", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-25T13:53:42.292Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-3912", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-25T13:53:31.896186Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-25T13:53:38.506Z"}}], "cna": {"title": "WS Form LITE \u2013 Drag & Drop Contact Form Builder for WordPress <= 1.10.35 - Missing Authorization to Unauthenticated Sensitive Information Exposure", "credits": [{"lang": "en", "type": "finder", "value": "Amin Beheshti"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}}], "affected": [{"vendor": "westguard", "product": "WS Form LITE \u2013 Drag & Drop Contact Form Builder", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.10.35"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-04-24T00:00:00.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3f6058e2-a5ec-43b2-9cb7-9efcf0853ffc?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/ws-form/trunk/ws-form.php"}, {"url": "https://plugins.trac.wordpress.org/browser/ws-form/trunk/api/class-ws-form-api.php"}, {"url": "https://plugins.trac.wordpress.org/browser/ws-form/trunk/includes/class-ws-form-config.php"}, {"url": "https://plugins.trac.wordpress.org/browser/ws-form/trunk/includes/class-ws-form-common.php"}, {"url": "https://plugins.trac.wordpress.org/changeset/3280355/"}], "descriptions": [{"lang": "en", "value": "The WS Form LITE \u2013 Drag & Drop Contact Form Builder for WordPress plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_config' function in all versions up to, and including, 1.10.35. This makes it possible for unauthenticated attackers to read the value of the plugin's settings, including API keys for integrated services."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:48:11.378Z"}}}, "cveMetadata": {"cveId": "CVE-2025-3912", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:48:11.378Z", "dateReserved": "2025-04-23T22:10:17.114Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-04-25T11:12:52.021Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The WS Form LITE \u2013 Drag & Drop Contact Form Builder for WordPress plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_config' function in all versions up to, and including, 1.10.35. This makes it possible for unauthenticated attackers to read the value of the plugin's settings, including API keys for integrated services."}, {"lang": "es", "value": "El complemento WS Form LITE \u2013 Drag &amp; Drop Contact Form Builder for WordPress para WordPress es vulnerable al acceso no autorizado a los datos debido a la falta de una comprobaci\u00f3n de capacidad en la funci\u00f3n 'get_config' en todas las versiones hasta la 1.10.35 incluida. Esto permite que atacantes no autenticados lean la configuraci\u00f3n del complemento, incluidas las claves API para los servicios integrados."}], "id": "CVE-2025-3912", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-04-25T12:15:17.243", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/ws-form/trunk/api/class-ws-form-api.php"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/ws-form/trunk/includes/class-ws-form-common.php"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/ws-form/trunk/includes/class-ws-form-config.php"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/ws-form/trunk/ws-form.php"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3280355/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3f6058e2-a5ec-43b2-9cb7-9efcf0853ffc?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T01:38:44.560439+00:00", "value": {"mitigation_remediation": ["Update WS Form LITE to the latest available version (1.10.36 or later) to remove the missing capability check.", "If an update cannot be applied immediately, delete or invalidate any API keys that are stored in the plugin settings to limit exposure of sensitive credentials.", "Restrict or block unauthenticated requests to the 'get_config' endpoint using a web\u2011application firewall, a security plugin rule, or a host\u2011level firewall rule to enforce authentication before configuration data can be read."], "summary": {"action": "Immediate Patch", "impact": "Unauthenticated Sensitive Information Exposure"}, "threat_synthesis": {"affected_systems": "The affected product is the WS Form LITE \u2013 Drag & Drop Contact Form Builder for WordPress provided by Westguard. All releases up to and including version 1.10.35 contain this issue; no later releases are listed as affected. If your site uses any of these versions, it is vulnerable.\n", "description_and_impact": "This vulnerability is caused by a missing capability check in the get_config function of the WS Form LITE plugin for WordPress. Because the check is omitted, any user can request the function and read the plugin\u2019s configuration, including API keys for integrated services. This flaw leads to a confidentiality breach where attackers can obtain sensitive credentials that may enable impersonation of services or further exploitation.\n", "risk_and_exploitability": "The CVSS score of 5.3 indicates moderate severity. EPSS is less than 1%, suggesting a low probability of exploitation, and the vulnerability is not included in the CISA KEV catalog. An attacker can exploit the flaw by invoking the get_config function without authentication. The likely attack vector is an unauthenticated HTTP request to the get_config endpoint, based on the description that the check is missing.\n"}}}}, "created": "2026-04-22T01:45:05.621526+00:00", "updated": "2026-04-22T01:45:05.621537+00:00", "vendors": []}