{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-9882", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-09-02T21:52:56.325Z", "datePublished": "2025-09-20T06:43:19.442Z", "dateUpdated": "2026-04-08T17:05:21.311Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:05:21.311Z"}, "affected": [{"vendor": "michaelbo", "product": "osTicket WP Bridge", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.9.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The osTicket WP Bridge plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.2. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "title": "osTicket WP Bridge <= 1.9.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/88e508ad-e7dd-4c8f-a44d-ef633e826007?source=cve"}, {"url": "https://wordpress.org/plugins/osticket-wp-bridge/"}, {"url": "https://plugins.trac.wordpress.org/browser/osticket-wp-bridge/tags/1.9.2/admin/ost-config.php#L122"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "cweId": "CWE-352", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "baseScore": 6.1, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "JohSka"}], "timeline": [{"time": "2025-09-19T18:23:56.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-09-22T14:59:45.511549Z", "id": "CVE-2025-9882", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-22T15:00:11.042Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-9882", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-09-22T14:59:45.511549Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-22T14:59:59.160Z"}}], "cna": {"title": "osTicket WP Bridge <= 1.9.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting", "credits": [{"lang": "en", "type": "finder", "value": "JohSka"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}}], "affected": [{"vendor": "michaelbo", "product": "osTicket WP Bridge", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.9.2"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-09-19T18:23:56.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/88e508ad-e7dd-4c8f-a44d-ef633e826007?source=cve"}, {"url": "https://wordpress.org/plugins/osticket-wp-bridge/"}, {"url": "https://plugins.trac.wordpress.org/browser/osticket-wp-bridge/tags/1.9.2/admin/ost-config.php#L122"}], "descriptions": [{"lang": "en", "value": "The osTicket WP Bridge plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.2. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-352", "description": "CWE-352 Cross-Site Request Forgery (CSRF)"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:05:21.311Z"}}}, "cveMetadata": {"cveId": "CVE-2025-9882", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:05:21.311Z", "dateReserved": "2025-09-02T21:52:56.325Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-09-20T06:43:19.442Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The osTicket WP Bridge plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.2. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}], "id": "CVE-2025-9882", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-09-20T07:15:36.077", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/osticket-wp-bridge/tags/1.9.2/admin/ost-config.php#L122"}, {"source": "security@wordfence.com", "url": "https://wordpress.org/plugins/osticket-wp-bridge/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/88e508ad-e7dd-4c8f-a44d-ef633e826007?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T19:01:38.584895+00:00", "value": {"mitigation_remediation": ["Check for a newer stable release of the osTicket WP Bridge plugin that addresses the CSRF flaw, and upgrade if available.", "If no updated release is available, deactivate or uninstall the plugin to remove the vulnerable functionality until a patch is released.", "Add additional CSRF protections to administrative interfaces, such as ensuring proper nonce validation on all forms, or implementing a separate CSRF token check."], "summary": {"action": "Patch Now", "impact": "Stored Cross\u2011Site Scripting via CSRF"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the osTicket WP Bridge plugin, developed by michaelbo, in all WordPress installations running any version up to and including\u00a01.9.2. No newer versions are listed as affected, but the advisory does not provide an explicit fixed version beyond that limit.", "description_and_impact": "The osTicket WP Bridge plugin for WordPress contains a flaw where a function performs missing or incorrect nonce validation, enabling an unauthenticated attacker to craft a forged request that updates plugin settings and stores malicious scripts in the site\u2019s content. This stored Cross\u2011Site Scripting can occur once an administrator unknowingly submits the forged request, potentially compromising the confidentiality and integrity of all site visitors.", "risk_and_exploitability": "The CVSS score of 6.1 reflects a moderate severity, while the EPSS score of less than 1% indicates a very low current exploitation probability. The vulnerability is not listed in the CISA KEV catalog, and it requires an unauthenticated attacker to successfully trick a site administrator into executing a link that contains the forged request. Consequently, the potential impact is limited to the control of the administrator\u2019s session and the site\u2019s stored content, but the overall exploitation risk remains relatively low at present."}}}}, "created": "2025-09-22T09:58:52.488716+00:00", "updated": "2026-04-21T19:15:26.025073+00:00", "vendors": ["osticket", "osticket$PRODUCT$osticket", "wordpress", "wordpress$PRODUCT$wordpress"]}