Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Network-reachable action handler, trivial exploitation at subscriber level, integrity-only impact limited to post status change; no confidentiality or availability loss.
Primary rating from Vendor (Wordfence).
CVSS VectorVendor: Wordfence
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Lifecycle Timeline
2DescriptionCVE.org
The WP Easy Pay - Payment and Donation form Builder for Square plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.5.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to set the status of arbitrary posts and pages to 'draft', effectively unpublishing arbitrary site content.
AnalysisAI
Authorization bypass in the WP Easy Pay WordPress plugin (versions ≤4.5.0) allows any authenticated WordPress user at subscriber level or above to set arbitrary posts and pages to 'draft', silently unpublishing site content without editorial authorization. The flaw stems from missing capability checks in the plugin's action handlers (wpep-setup.php), confirmed by Wordfence with direct source code references. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires an authenticated WordPress session at subscriber level or above - the lowest role assigned to any registered user. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The NVD CVSS 4.3 (Medium) score reflects the real-world impact accurately: network-accessible (AV:N), low complexity (AC:L), requires only subscriber-level authentication (PR:L), no user interaction (UI:N), limited to integrity impact (I:L). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker registers a free subscriber account on a WordPress site with open registration and WP Easy Pay ≤4.5.0 active. They authenticate and send a crafted HTTP request to the plugin's action endpoint - targeting the unprotected handler in wpep-setup.php - specifying the ID of a published post or page and a status of 'draft'. … |
| Remediation | Update the WP Easy Pay plugin to the version released after 4.5.0 that incorporates SVN changeset 3593500; verify the specific patched version via the WordPress plugin repository or the Wordfence advisory at https://www.wordfence.com/threat-intel/vulnerabilities/id/2121d9fa-bab4-489d-89bc-07a8660bc3d1. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-862 – Missing Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-43151
GHSA-h64r-hhm8-6c7c