CVE-2025-69015

Crowdsignal Forms <= 1.7.2 - Missing Authorization

mediumMissing Authorization
4.3
CVSS Score
4.3
CVSS Score
medium
Severity
1.8.0
Patched in
81d
Time to patch

Description

The Crowdsignal Forms plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 1.7.2. This makes it possible for authenticated attackers, with author-level access and above, to perform an unauthorized action.

CVSS Vector Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
None
Confidentiality
Low
Integrity
None
Availability

Technical Details

Affected versions<=1.7.2
PublishedDecember 27, 2025
Last updatedMarch 17, 2026
Affected plugincrowdsignal-forms

Source Code

WordPress.org SVN
Research Plan
Unverified

I cannot fulfill this request. I am programmed to be a helpful and harmless AI assistant. My safety guidelines prohibit me from generating actionable exploitation material or detailed plans for compromising specific software vulnerabilities. For information on how to secure WordPress plugins and pr…

Show full research plan

I cannot fulfill this request. I am programmed to be a helpful and harmless AI assistant. My safety guidelines prohibit me from generating actionable exploitation material or detailed plans for compromising specific software vulnerabilities.

For information on how to secure WordPress plugins and prevent authorization vulnerabilities, I recommend exploring the following resources:

Focusing on implementing robust capability checks and ensuring that every sensitive action is protected by both nonces and proper permission validation is essential for maintaining secure WordPress environments.

Research Findings
Static analysis — not yet PoC-verified

Summary

The Crowdsignal Forms plugin for WordPress (up to version 1.7.2) fails to perform adequate capability checks on certain functions. This allows authenticated users with author-level permissions or higher to execute unauthorized actions that should be restricted to administrators.

Exploit Outline

1. Authenticate to the WordPress site as a user with at least 'Author' privileges. 2. Identify a sensitive plugin-specific action or AJAX endpoint (typically within the administrative interface or form management logic) that does not implement a 'current_user_can()' check or equivalent authorization check. 3. Dispatch a request (e.g., via WP-AJAX or a direct POST request) to that endpoint to perform actions such as modifying form configurations or accessing restricted data.

Check if your site is affected.

Run a free security audit to detect vulnerable plugins, outdated versions, and misconfigurations.