{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-8446", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-07-31T19:44:08.833Z", "datePublished": "2025-09-16T11:17:09.118Z", "dateUpdated": "2026-04-08T17:14:03.943Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:14:03.943Z"}, "affected": [{"vendor": "blazethemes", "product": "Blaze Demo Importer", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.0.12", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Blaze Demo Importer plugin for WordPress is vulnerable to unauthorized limited plugin install due to a missing capability check on the 'blaze_demo_importer_install_plugin' function in all versions up to, and including, 1.0.12. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install and activate a limited number of specific plugins. The News Kit Elementor Addons plugin and a BlazeThemes theme must be installed and activated in order to exploit the vulnerability."}], "title": "Blaze Demo Importer <= 1.0.12 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Install", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a91bd1cf-ac63-4d65-b9fc-3fa2507cc27e?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/blaze-demo-importer/trunk/blaze-demo-importer.php#L91"}, {"url": "https://plugins.trac.wordpress.org/changeset/3361179/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization", "cweId": "CWE-862", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "wesley"}], "timeline": [{"time": "2025-09-15T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-09-16T19:29:56.774556Z", "id": "CVE-2025-8446", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-16T19:30:06.936Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-8446", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-09-16T19:29:56.774556Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-16T19:30:00.680Z"}}], "cna": {"title": "Blaze Demo Importer <= 1.0.12 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Install", "credits": [{"lang": "en", "type": "finder", "value": "wesley"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "blazethemes", "product": "Blaze Demo Importer", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.0.12"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-09-15T00:00:00.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a91bd1cf-ac63-4d65-b9fc-3fa2507cc27e?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/blaze-demo-importer/trunk/blaze-demo-importer.php#L91"}, {"url": "https://plugins.trac.wordpress.org/changeset/3361179/"}], "descriptions": [{"lang": "en", "value": "The Blaze Demo Importer plugin for WordPress is vulnerable to unauthorized limited plugin install due to a missing capability check on the 'blaze_demo_importer_install_plugin' function in all versions up to, and including, 1.0.12. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install and activate a limited number of specific plugins. The News Kit Elementor Addons plugin and a BlazeThemes theme must be installed and activated in order to exploit the vulnerability."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:14:03.943Z"}}}, "cveMetadata": {"cveId": "CVE-2025-8446", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:14:03.943Z", "dateReserved": "2025-07-31T19:44:08.833Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-09-16T11:17:09.118Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Blaze Demo Importer plugin for WordPress is vulnerable to unauthorized limited plugin install due to a missing capability check on the 'blaze_demo_importer_install_plugin' function in all versions up to, and including, 1.0.12. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install and activate a limited number of specific plugins. The News Kit Elementor Addons plugin and a BlazeThemes theme must be installed and activated in order to exploit the vulnerability."}], "id": "CVE-2025-8446", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-09-16T12:15:34.380", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/blaze-demo-importer/trunk/blaze-demo-importer.php#L91"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3361179/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a91bd1cf-ac63-4d65-b9fc-3fa2507cc27e?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T19:05:08.927035+00:00", "value": {"mitigation_remediation": ["Upgrade Blaze Demo Importer to a version that includes the missing capability check", "If an upgrade is not possible, remove or deactivate the News Kit Elementor Addons plugin and any BlazeThemes theme that could satisfy the exploit requirements", "Add a custom code snippet that disables blaze_demo_importer_install_plugin or restricts its execution to administrator\u2010level users to restore proper authorization"], "summary": {"action": "Patch", "impact": "Limited Plugin Install via Missing Authorization"}, "threat_synthesis": {"affected_systems": "WordPress sites running Blaze Demo Importer version 1.0.12 or earlier are affected. The vulnerability can only be exploited if the News Kit Elementor Addons plugin and a BlazeThemes theme are already installed and activated on the same site, as these are required components of the exploit path.", "description_and_impact": "The Blaze Demo Importer plugin for WordPress contains a function called blaze_demo_importer_install_plugin that performs no capability check. As a result, any authenticated user with Subscriber level or higher can invoke the function to install and activate a small, predefined set of plugins. The plugin specifically allows the installation of the News Kit Elementor Addons plugin and a BlazeThemes theme. The impact is limited to these particular installations and does not provide full arbitrary plugin deployment or direct code execution.", "risk_and_exploitability": "The overall severity is medium with a CVSS score of 4.3 and an EPSS score below 1%, indicating a low likelihood of real\u2011world exploitation at present. The vulnerability is not listed in the CISA KEV catalog. While the attack vector requires user authentication at the Subscriber level or higher, the limited scope of exploitable plugins reduces the potential breadth of impact, yet still poses a tangible risk for sites that have the required components installed."}}}}, "created": "2025-09-17T10:04:55.818269+00:00", "updated": "2026-04-21T19:15:26.030241+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}