Userback <= 1.0.15 – Missing Authorization to Authenticated (Subscriber+) Plugin's Configuration Exposure | CVE 2025-14540 | Plugin Vulnerabilities

Description

The Userback plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the userback_get_json function in all versions up to, and including, 1.0.15. This makes it possible for authenticated attackers, with Subscriber-level access and above, to extract plugin's configuration data including the Userback API access token and site's posts/pages contents, including those that have private and draft status.

Affects Plugins

No known fix

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/1add8693-20df-431e-ad3b-b23322f1fa03

Classification

Type

NO AUTHORISATION

OWASP top 10

A5: Broken Access Control

CWE

CVSS

Miscellaneous

Original Researcher

jsonc

Verified

No

WPVDB ID

730bd0c7-3336-4924-b516-5b366690e4ef

Timeline

Publicly Published

2025-12-12 (about 5 months ago)

Added

2025-12-12 (about 5 months ago)

Last Updated

2025-12-13 (about 5 months ago)

Other

Published

Title

Published

2024-04-17

Title

Wp Ultimate Review < 2.3.0 - Unauthenticated Review Restriction Bypass

Published

2026-02-05

Title

ElementInvader Addons for Elementor < 1.4.2 - Missing Authorization

Published

2026-02-22

Title

WPC Smart Wishlist for WooCommerce < 5.0.9 - Missing Authorization

Published

2025-05-06

Title

Search Exclude < 2.5.0 - Missing Authorization to Unauthenticated Plugin Settings Modification

Published

2025-12-11

Title

Grider for Elementor <= 1.0.8 - Missing Authorization