WordPress Plugin Vulnerabilities

Chartify < 3.6.0 - Missing Authentication for Administrative Function

Description

The plugin is vulnerable to Missing Authentication for Critical Function due to the plugin registering an unauthenticated AJAX action that dispatches to admin-class methods based on a request parameter, without any nonce or capability checks. This makes it possible for unauthenticated attackers to execute administrative functions via the wp-admin/admin-ajax.php endpoint granted they can identify callable method names.

Affects Plugins

Plugin icon
chart-builder
Fixed in 3.6.0

References

CVE
CVE-2025-11171
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/aa3e030b-8ef1-4dbc-940d-6c2ab2683620

Classification

Type
NO AUTHORISATION
OWASP top 10
A5: Broken Access Control
CWE
CWE-862
CVSS
5.3 (medium)

Miscellaneous

Original Researcher
Avraham Shemesh, SnailSploit
Verified
No
WPVDB ID
0a085126-27e2-457a-926b-bf373c0ea475

Timeline

Publicly Published
2025-10-07 (about 8 months ago)
Added
2025-10-08 (about 8 months ago)
Last Updated
2025-10-08 (about 8 months ago)

Other

Published
Title
Published
2024-11-18
Title
Jobify - Job Board WordPress Theme <= 4.2.3 - Missing Authorization
Published
2026-05-12
Title
RTMKit Addons for Elementor < 2.0.3 - Authenticated (Author+) Missing Authorization to Widget Configuration Modification
Published
2026-03-23
Title
WP Configurator Pro < 3.8.0 - Missing Authorization
Published
2025-12-07
Title
Contact Form by BestWebSoft < 4.3.7 - Missing Authorization
Published
2022-12-16
Title
ActiveCampaign for WooCommerce < 1.9.8 - Subscriber+ Error Log Cleanup