{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-9630", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-08-28T19:46:35.987Z", "datePublished": "2025-10-03T11:17:19.882Z", "dateUpdated": "2026-04-08T17:15:48.952Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:15:48.952Z"}, "affected": [{"vendor": "samueljesse", "product": "WP SinoType", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The WP SinoType plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the sinotype_config function. This makes it possible for unauthenticated attackers to modify typography settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "title": "WP SinoType <= 1.0 - Cross-Site Request Forgery", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b02198f5-10df-4c4c-beed-aec8acacaec9?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-sinotype/trunk/sinotype.php#L65"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-sinotype/trunk/sinotype.php#L161"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "cweId": "CWE-352", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Nabil Irawan"}], "timeline": [{"time": "2025-10-02T22:12:10.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-10-03T14:01:29.758467Z", "id": "CVE-2025-9630", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-03T14:01:55.192Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-9630", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-03T14:01:29.758467Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-03T14:01:48.545Z"}}], "cna": {"title": "WP SinoType <= 1.0 - Cross-Site Request Forgery", "credits": [{"lang": "en", "type": "finder", "value": "Nabil Irawan"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "samueljesse", "product": "WP SinoType", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.0"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-10-02T22:12:10.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b02198f5-10df-4c4c-beed-aec8acacaec9?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-sinotype/trunk/sinotype.php#L65"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-sinotype/trunk/sinotype.php#L161"}], "descriptions": [{"lang": "en", "value": "The WP SinoType plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the sinotype_config function. This makes it possible for unauthenticated attackers to modify typography settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-352", "description": "CWE-352 Cross-Site Request Forgery (CSRF)"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:15:48.952Z"}}}, "cveMetadata": {"cveId": "CVE-2025-9630", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:15:48.952Z", "dateReserved": "2025-08-28T19:46:35.987Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-10-03T11:17:19.882Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The WP SinoType plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the sinotype_config function. This makes it possible for unauthenticated attackers to modify typography settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "id": "CVE-2025-9630", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-10-03T12:15:48.743", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/wp-sinotype/trunk/sinotype.php#L161"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/wp-sinotype/trunk/sinotype.php#L65"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b02198f5-10df-4c4c-beed-aec8acacaec9?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-20T19:23:20.997554+00:00", "value": {"mitigation_remediation": ["Update WP SinoType to a version that includes proper nonce checking (any release newer than 1.0).", "If an update is not immediately available, deactivate or uninstall the plugin until the fix is installed.", "Educate site administrators to be wary of unexpected links that request changes to site settings, and consider adding a security plugin that warns about CSRF attempts."], "summary": {"action": "Apply Plugin Update", "impact": "Cross\u2011Site Request Forgery"}, "threat_synthesis": {"affected_systems": "Affected installations are WordPress sites running the WP SinoType plugin version 1.0 or older. The plugin is maintained by samueljesse and is identified by the vendor/product name WP SinoType. No other products or versions are listed as affected.", "description_and_impact": "The WP SinoType plugin for WordPress is affected by a Cross\u2011Site Request Forgery vulnerability that originates from missing or incorrect nonce validation in the sinotype_config function. This flaw allows an attacker who can lure the site administrator into clicking a malicious link or URL to change typography settings on the site without authentication. The impact is that the attacker can modify appearance parameters, potentially defacing the site or embedding malicious styles, although the attack does not provide direct code execution or data exfiltration capability.", "risk_and_exploitability": "The CVSS score of 4.3 indicates a low to moderate risk, and the EPSS score of less than 1 % suggests a very low probability of exploitation at this time. The vulnerability is not included in CISA\u2019s KEV catalog. Exploitation requires user interaction: the admin must navigate to a forged URL or click a link that submits the unfettered request. Because the flaw can be triggered by unauthenticated individuals who successfully trick an administrator, the operational risk is limited but should be mitigated promptly."}}}}, "created": "2025-10-06T14:42:49.508517+00:00", "updated": "2026-04-20T19:30:06.166156+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}