{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-69394", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2025-12-31T20:13:16.054Z", "datePublished": "2026-02-20T15:46:56.050Z", "dateUpdated": "2026-04-28T16:14:40.031Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "cnvrse", "product": "Cnvrse", "vendor": "cnvrse", "versions": [{"changes": [{"at": "026.02.10.20", "status": "unaffected"}], "lessThanOrEqual": "026.02.10.20", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Jitlada | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-22T14:20:00.182Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Authorization Bypass Through User-Controlled Key vulnerability in cnvrse Cnvrse cnvrse allows Exploiting Incorrectly Configured Access Control Security Levels.<p>This issue affects Cnvrse: from n/a through < 026.02.10.20.</p>"}], "value": "Authorization Bypass Through User-Controlled Key vulnerability in cnvrse Cnvrse cnvrse allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cnvrse: from n/a through < 026.02.10.20."}], "impacts": [{"capecId": "CAPEC-180", "descriptions": [{"lang": "en", "value": "Exploiting Incorrectly Configured Access Control Security Levels"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-639", "description": "Authorization Bypass Through User-Controlled Key", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:14:40.031Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/cnvrse/vulnerability/wordpress-cnvrse-plugin-025-12-24-01-insecure-direct-object-references-idor-vulnerability?_s_id=cve"}], "title": "WordPress Cnvrse plugin < 026.02.10.20 - Insecure Direct Object References (IDOR) vulnerability"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-27T17:53:06.659730Z", "id": "CVE-2025-69394", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-27T18:46:48.605Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-69394", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-27T17:53:06.659730Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-27T17:54:56.132Z"}}], "cna": {"title": "WordPress Cnvrse plugin < 026.02.10.20 - Insecure Direct Object References (IDOR) vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "Jitlada | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-180", "descriptions": [{"lang": "en", "value": "Exploiting Incorrectly Configured Access Control Security Levels"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "cnvrse", "product": "Cnvrse", "versions": [{"status": "affected", "changes": [{"at": "026.02.10.20", "status": "unaffected"}], "version": "0", "versionType": "custom", "lessThanOrEqual": "026.02.10.20"}], "packageName": "cnvrse", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "datePublic": "2026-04-22T14:20:00.182Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/cnvrse/vulnerability/wordpress-cnvrse-plugin-025-12-24-01-insecure-direct-object-references-idor-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Authorization Bypass Through User-Controlled Key vulnerability in cnvrse Cnvrse cnvrse allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cnvrse: from n/a through < 026.02.10.20.", "supportingMedia": [{"type": "text/html", "value": "Authorization Bypass Through User-Controlled Key vulnerability in cnvrse Cnvrse cnvrse allows Exploiting Incorrectly Configured Access Control Security Levels.<p>This issue affects Cnvrse: from n/a through < 026.02.10.20.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-639", "description": "Authorization Bypass Through User-Controlled Key"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-23T14:14:01.610Z"}}}, "cveMetadata": {"cveId": "CVE-2025-69394", "state": "PUBLISHED", "dateUpdated": "2026-04-27T18:46:48.605Z", "dateReserved": "2025-12-31T20:13:16.054Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-02-20T15:46:56.050Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Authorization Bypass Through User-Controlled Key vulnerability in cnvrse Cnvrse cnvrse allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cnvrse: from n/a through < 026.02.10.20."}, {"lang": "es", "value": "Vulnerabilidad de elusi\u00f3n de autorizaci\u00f3n a trav\u00e9s de clave controlada por el usuario en cnvrse Cnvrse cnvrse permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Cnvrse: desde n/a hasta &lt;= 026.02.10.20."}], "id": "CVE-2025-69394", "lastModified": "2026-04-27T19:16:46.433", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "audit@patchstack.com", "type": "Secondary"}]}, "published": "2026-02-20T16:22:24.970", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/cnvrse/vulnerability/wordpress-cnvrse-plugin-025-12-24-01-insecure-direct-object-references-idor-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-639"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,026.02.10.20]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Cnvrse", "source": "cna", "vendor": "cnvrse"}, "product": "cnvrse", "vendor": "cnvrse"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-27T20:15:53.667086+00:00", "value": {"mitigation_remediation": ["Update the Cnvrse plugin to version 026.02.10.21 or newer, when it becomes available, which removes the vulnerable key handling logic.", "If an update cannot be applied immediately, restrict the plugin\u2019s access control by limiting which user roles can execute the vulnerable functions, ensuring only administrators or trusted roles have permission.", "Review and harden the site\u2019s overall authorization settings, ensuring that all data and URL endpoints are protected by proper capability checks and audit the logs for unauthorized access attempts."], "summary": {"action": "Immediate Patch", "impact": "Authorization bypass via IDOR leading to unauthorized access to protected resources"}, "threat_synthesis": {"affected_systems": "WordPress installations that have the Cnvrse plugin version 026.02.10.20 or earlier are vulnerable. The CNA list identifies the product as \"cnvrse\" from version n/a through the mentioned release. No other vendors or products are listed, so the risk is limited to users running the affected plugin within WordPress sites.", "description_and_impact": "The Cnvrse plugin allows a user\u2011controlled key to be used in place of proper access controls, enabling an attacker to request the direct URL of protected objects without proper authorization. This Authorization Bypass Through User\u2011Controlled Key flaw can expose sensitive content or functionality that should be restricted, potentially exposing confidential data or system configuration to an attacker. The flaw is tied to CWE\u2011639 and manifests as an Insecure Direct Object Reference weakness.", "risk_and_exploitability": "The CVSS score of 7.5 indicates a high\u2011severity vulnerability, while the EPSS score of <1% suggests that exploitation attempts are currently rare. The vulnerability is not listed in the CISA KEV catalog. Based on the description, the likely attack vector is internal or authenticated, where a user can supply a crafted key or parameter to bypass access checks. An attacker with access to the affected WordPress dashboard or who can inject the key into requests could retrieve or manipulate objects that should be protected."}}}}, "created": "2026-02-23T14:37:01.783714+00:00", "updated": "2026-04-27T20:30:12.266032+00:00", "vendors": ["cnvrse", "cnvrse$PRODUCT$cnvrse", "wordpress", "wordpress$PRODUCT$wordpress"]}