{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-8147", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-07-24T21:11:54.996Z", "datePublished": "2025-08-29T04:25:28.386Z", "dateUpdated": "2026-04-08T16:32:35.860Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:32:35.860Z"}, "affected": [{"vendor": "aurelienlws", "product": "LWSCache", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.8.5", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The LWSCache plugin for WordPress is vulnerable to unauthorized modification of data due to improper authorization on the lwscache_activatePlugin() function in all versions up to, and including, 2.8.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to activate arbitrary whitelisted LWS plugins."}], "title": "LWSCache <= 2.8.5 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Activation via lwscache_activatePlugin Function", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/01a6a5bf-636b-416c-86fa-43f639624e80?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/lwscache/tags/2.8.5/lwscache.php#L401"}, {"url": "https://wordpress.org/plugins/lwscache/#developers"}, {"url": "https://plugins.trac.wordpress.org/changeset/3352047/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-285 Improper Authorization", "cweId": "CWE-285", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "wesley"}], "timeline": [{"time": "2025-08-28T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-29T12:03:48.434562Z", "id": "CVE-2025-8147", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-29T12:03:54.361Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-8147", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-29T12:03:48.434562Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-29T12:03:51.687Z"}}], "cna": {"title": "LWSCache <= 2.8.5 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Activation via lwscache_activatePlugin Function", "credits": [{"lang": "en", "type": "finder", "value": "wesley"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "aurelienlws", "product": "LWSCache", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "2.8.5"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-08-28T00:00:00.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/01a6a5bf-636b-416c-86fa-43f639624e80?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/lwscache/tags/2.8.5/lwscache.php#L401"}, {"url": "https://wordpress.org/plugins/lwscache/#developers"}, {"url": "https://plugins.trac.wordpress.org/changeset/3352047/"}], "descriptions": [{"lang": "en", "value": "The LWSCache plugin for WordPress is vulnerable to unauthorized modification of data due to improper authorization on the lwscache_activatePlugin() function in all versions up to, and including, 2.8.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to activate arbitrary whitelisted LWS plugins."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-285", "description": "CWE-285 Improper Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:32:35.860Z"}}}, "cveMetadata": {"cveId": "CVE-2025-8147", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:32:35.860Z", "dateReserved": "2025-07-24T21:11:54.996Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-08-29T04:25:28.386Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The LWSCache plugin for WordPress is vulnerable to unauthorized modification of data due to improper authorization on the lwscache_activatePlugin() function in all versions up to, and including, 2.8.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to activate arbitrary whitelisted LWS plugins."}], "id": "CVE-2025-8147", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-08-29T05:15:31.483", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/lwscache/tags/2.8.5/lwscache.php#L401"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3352047/"}, {"source": "security@wordfence.com", "url": "https://wordpress.org/plugins/lwscache/#developers"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/01a6a5bf-636b-416c-86fa-43f639624e80?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-285"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T16:57:25.475368+00:00", "value": {"mitigation_remediation": ["Apply the latest LWSCache plugin version to remove the missing authorization check.", "If an update is not immediately available, disable or remove the LWSCache plugin from the site to eliminate the vulnerable function.", "Restrict the Subscriber role by removing plugin activation capabilities or by auditing user roles to ensure only trusted accounts retain those permissions."], "summary": {"action": "Patch", "impact": "Privilege Escalation via Plugin Activation"}, "threat_synthesis": {"affected_systems": "The vulnerability applies to the LWSCache plugin from vendor aurelienlws, all versions up to and including 2.8.5. Users running an older or unchanged version are exposed until an update to a patched release is deployed. ", "description_and_impact": "The LWSCache WordPress plugin contains an improper authorization check in the lwscache_activatePlugin() function. The function allows authenticated users with Subscriber level access and higher to activate any whitelisted LWS plugin, thereby elevating their privileges within the site. This broken access control weakness (CWE\u2011285) enables an attacker who has legitimate login credentials or has compromised a subscriber account to execute arbitrary plugin code, potentially leaking data, modifying content, or injecting further malicious plugins. The impact is limited to the scope of the WordPress site but can affect confidentiality, integrity, and availability of the site content. ", "risk_and_exploitability": "The CVSS score of 4.3 classifies the risk as moderate, while the EPSS score of less than 1% indicates a low likelihood of exploitation at present. The vulnerability is not listed in the CISA KEV catalog. Attackers need only authenticated access with a Subscriber role or higher to activate arbitrary plugins, so the required attack vector is an authenticated WordPress session. The lack of additional constraints makes it an in\u2011application privilege escalation that can be abused once a valid account is obtained. "}}}}, "created": "2025-09-01T09:02:05.220715+00:00", "updated": "2026-04-22T17:00:12.339364+00:00", "vendors": ["aurelienlws", "aurelienlws$PRODUCT$lwscache", "wordpress", "wordpress$PRODUCT$wordpress"]}