{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-6003", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-06-11T17:58:46.446Z", "datePublished": "2025-06-12T08:22:43.767Z", "dateUpdated": "2026-04-08T16:52:35.712Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:52:35.712Z"}, "affected": [{"vendor": "cyberlord92", "product": "WordPress Single Sign-On (SSO) - Single Site Standard", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "18.5.3", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "cyberlord92", "product": "WordPress Single Sign-On (SSO) - Single Site Premium", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "28.5.3", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "cyberlord92", "product": "WordPress Single Sign-On (SSO) - Multisite Premium", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "30.5.3", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "cyberlord92", "product": "WordPress Single Sign-On (SSO) - Single Site Enterprise", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "38.5.3", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "cyberlord92", "product": "WordPress Single Sign-On (SSO) - Multisite Enterprise", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "40.5.3", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "cyberlord92", "product": "WordPress Single Sign-On (SSO) - Single Site All-Inclusive", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "48.5.3", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "cyberlord92", "product": "WordPress Single Sign-On (SSO) - Multisite All-Inclusive", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "50.5.3", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The WordPress Single Sign-On (SSO) plugin for WordPress is vulnerable to unauthorized access due to a misconfigured capability check on a function in all versions up to, and including, the *.5.3 versions of the plugin. This makes it possible for unauthenticated attackers to extract sensitive data including site content that has been restricted to certain users and/or roles."}], "title": "WordPress Single Sign-On (SSO) - Multiple Versions - Incorrect Authorization to Sensitive Information Exposure", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/51aa5531-e5b3-4c47-8d06-58eac6dd92fb?source=cve"}, {"url": "https://plugins.miniorange.com/wordpress-sso"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-863 Incorrect Authorization", "cweId": "CWE-863", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Isra\u00ebl Hall\u00e9"}], "timeline": [{"time": "2025-02-13T00:00:00.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-06-11T19:22:27.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-12T13:55:23.738209Z", "id": "CVE-2025-6003", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-12T13:55:38.251Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-6003", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-06-12T13:55:23.738209Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-12T13:55:30.185Z"}}], "cna": {"title": "WordPress Single Sign-On (SSO) - Multiple Versions - Incorrect Authorization to Sensitive Information Exposure", "credits": [{"lang": "en", "type": "finder", "value": "Isra\u00ebl Hall\u00e9"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}}], "affected": [{"vendor": "cyberlord92", "product": "WordPress Single Sign-On (SSO) - Single Site Standard", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "18.5.3"}], "defaultStatus": "unaffected"}, {"vendor": "cyberlord92", "product": "WordPress Single Sign-On (SSO) - Single Site Premium", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "28.5.3"}], "defaultStatus": "unaffected"}, {"vendor": "cyberlord92", "product": "WordPress Single Sign-On (SSO) - Multisite Premium", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "30.5.3"}], "defaultStatus": "unaffected"}, {"vendor": "cyberlord92", "product": "WordPress Single Sign-On (SSO) - Single Site Enterprise", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "38.5.3"}], "defaultStatus": "unaffected"}, {"vendor": "cyberlord92", "product": "WordPress Single Sign-On (SSO) - Multisite Enterprise", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "40.5.3"}], "defaultStatus": "unaffected"}, {"vendor": "cyberlord92", "product": "WordPress Single Sign-On (SSO) - Single Site All-Inclusive", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "48.5.3"}], "defaultStatus": "unaffected"}, {"vendor": "cyberlord92", "product": "WordPress Single Sign-On (SSO) - Multisite All-Inclusive", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "50.5.3"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-02-13T00:00:00.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-06-11T19:22:27.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/51aa5531-e5b3-4c47-8d06-58eac6dd92fb?source=cve"}, {"url": "https://plugins.miniorange.com/wordpress-sso"}], "descriptions": [{"lang": "en", "value": "The WordPress Single Sign-On (SSO) plugin for WordPress is vulnerable to unauthorized access due to a misconfigured capability check on a function in all versions up to, and including, the *.5.3 versions of the plugin. This makes it possible for unauthenticated attackers to extract sensitive data including site content that has been restricted to certain users and/or roles."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-863", "description": "CWE-863 Incorrect Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2025-06-12T08:22:43.767Z"}}}, "cveMetadata": {"cveId": "CVE-2025-6003", "state": "PUBLISHED", "dateUpdated": "2025-06-12T13:55:38.251Z", "dateReserved": "2025-06-11T17:58:46.446Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-06-12T08:22:43.767Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The WordPress Single Sign-On (SSO) plugin for WordPress is vulnerable to unauthorized access due to a misconfigured capability check on a function in all versions up to, and including, the *.5.3 versions of the plugin. This makes it possible for unauthenticated attackers to extract sensitive data including site content that has been restricted to certain users and/or roles."}, {"lang": "es", "value": "El complemento WordPress Single Sign-On (SSO) para WordPress es vulnerable a accesos no autorizados debido a una comprobaci\u00f3n de capacidad mal configurada en una funci\u00f3n en todas las versiones del complemento, hasta la versi\u00f3n *.5.3 incluida. Esto permite a atacantes no autenticados extraer datos confidenciales, incluido contenido del sitio restringido a ciertos usuarios o roles."}], "id": "CVE-2025-6003", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-06-12T09:15:22.743", "references": [{"source": "security@wordfence.com", "url": "https://plugins.miniorange.com/wordpress-sso"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/51aa5531-e5b3-4c47-8d06-58eac6dd92fb?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T01:22:52.288299+00:00", "value": {"mitigation_remediation": ["Upgrade the WordPress Single Sign-On (SSO) plugin to the latest release that fixes the capability check error.", "If the newest release cannot be immediately applied, limit public access to the compromised endpoints by disabling unused plugin features or applying access restrictions.", "Check site logs and content for signs that protected data may have been accessed or exfiltrated, and take remedial actions if evidence is found."], "summary": {"action": "Upgrade Plugin", "impact": "Sensitive Information Exposure"}, "threat_synthesis": {"affected_systems": "The affected component is the WordPress Single Sign-On (SSO) plugin by cyberlord92, in all editions (All\u2011Inclusive, Enterprise, Premium, Standard) for both single\u2011site and multisite configurations. Versions up through and including 5.3 are impacted; any deployment on these releases is vulnerable unless already upgraded beyond that series.", "description_and_impact": "The WordPress Single Sign-On (SSO) plugin contains a misconfigured capability check on a function, allowing unauthenticated callers to read data that should be restricted to certain roles. The flaw enables attackers to harvest sensitive site content, including pages, posts, or other protected resources, leading to a breach of confidentiality. This weakness maps to the Authorization error category described by CWE\u2011863.", "risk_and_exploitability": "The CVSS score of 5.3 indicates moderate threat, while the EPSS score of less than 1% suggests a low likelihood of active exploitation. The flaw is not listed in CISA\u2019s KEV catalog. The likely attack vector is a simple HTTP request against the plugin\u2019s exposed function, which does not perform proper capability checks, and does not require authentication. An attacker can send crafted URLs or form submissions to retrieve the hidden content, provided the site\u2019s public web interface is reachable."}}}}, "created": "2026-04-22T01:30:05.234555+00:00", "updated": "2026-04-22T01:30:05.234566+00:00", "vendors": []}