WordPress Plugin Vulnerabilities
BetterDocs < 4.3.12 - Missing Authorization to Authenticated (Subscriber+) Unauthorized AI API Usage
Description
The BetterDocs plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 4.3.11. This is due to a missing capability check in the generate_openai_content_callback() function, which relies solely on a nonce rather than verifying user permissions. This makes it possible for authenticated attackers, with subscriber-level access and above, to trigger OpenAI API calls using the site's configured API key with arbitrary user-controlled prompts, leading to unauthorized consumption of the site owner's paid AI API quota.
Affects Plugins
Fixed in 4.3.12 References
Classification
Type
NO AUTHORISATION
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
h0xilo
Verified
No
WPVDB ID
Timeline
Publicly Published
2026-04-23 (about 20 days ago)
Added
2026-04-23 (about 20 days ago)
Last Updated
2026-04-24 (about 19 days ago)
WPScan 