[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fk8VqQ2M7SEIePEDLSC0m4M5inU9TsuDtKq8SP9Bu2S4":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20,"patch_diff_files":21,"patch_trac_url":9,"research_status":30,"research_verified":31,"research_rounds_completed":32,"research_plan":33,"research_summary":9,"research_vulnerable_code":9,"research_fix_diff":9,"research_exploit_outline":9,"research_model_used":34,"research_started_at":35,"research_completed_at":36,"research_error":9,"poc_status":9,"poc_video_id":9,"poc_summary":9,"poc_steps":9,"poc_tested_at":9,"poc_wp_version":9,"poc_php_version":9,"poc_playwright_script":9,"poc_exploit_code":9,"poc_has_trace":31,"poc_model_used":9,"poc_verification_depth":9,"poc_exploit_code_gated":31,"source_links":37},"CVE-2026-25431","hustle-email-marketing-lead-generation-optins-popups-missing-authorization","Hustle – Email Marketing, Lead Generation, Optins, Popups \u003C= 7.8.10.1 - Missing Authorization","The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 7.8.10.1. This makes it possible for unauthenticated attackers to perform an unauthorized action.","wordpress-popup",null,"\u003C=7.8.10.1","7.8.10.2","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2026-05-12 00:00:00","2026-05-19 13:35:20",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F9481a3a6-6d79-4246-852e-f664f578ee71?source=api-prod",8,[22,23,24,25,26,27,28,29],"assets\u002Fjs\u002Fadmin.min.js","assets\u002Fjs\u002Ffront.min.js","assets\u002Fjs\u002Fshared-tutorials.min.js","assets\u002Fjs\u002Fshared-ui.min.js","inc\u002Ffront\u002Fhustle-module-front-ajax.php","languages\u002Fhustle-en_US.po","popover.php","readme.txt","researched",false,3,"This exploitation research plan targets **CVE-2026-25431**, a missing authorization vulnerability in the Hustle plugin for WordPress.\n\n### 1. Vulnerability Summary\nThe Hustle plugin (\u003C= 7.8.10.1) is vulnerable to unauthorized access because the `hustle_dismiss_notification` AJAX action (and potentially others like tracking updates) is registered using `wp_ajax_nopriv_` but fails to implement a capability check (e.g., `current_user_can( 'manage_options' )`). This allows unauthenticated attackers to perform actions intended for administrators, such as dismissing site-wide notifications or manipulating plugin state.\n\n### 2. Attack Vector Analysis\n*   **Endpoint:** `\u002Fwp-admin\u002Fadmin-ajax.php`\n*   **Action:** `hustle_dismiss_notification`\n*   **Authentication:** None required (unauthenticated).\n*   **Payload Parameter:** `name` (the identifier of the notification to dismiss).\n*   **Precondition:** The plugin must be active. The target action must be registered in the `wp_ajax_nopriv_` hook.\n\n### 3. Code Flow\n1.  **Frontend Entry:** The JavaScript in `assets\u002Fjs\u002Fadmin.min.js` (specifically within `Hustle.define(\"Modals.Welcome\", ...)` at module 197) triggers the dismissal.\n2.  **Request Construction:** The `dismissModal` function sends a POST request to `ajaxurl","gemini-3-flash-preview","2026-05-20 18:21:10","2026-05-20 18:22:46",{"type":38,"vulnerable_version":39,"fixed_version":11,"vulnerable_browse":40,"vulnerable_zip":41,"fixed_browse":42,"fixed_zip":43,"all_tags":44},"plugin","7.8.10.1","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fwordpress-popup\u002Ftags\u002F7.8.10.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwordpress-popup.7.8.10.1.zip","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fwordpress-popup\u002Ftags\u002F7.8.10.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwordpress-popup.7.8.10.2.zip","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fwordpress-popup\u002Ftags"]