Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Network-accessible AJAX endpoint requiring only subscriber authentication (PR:L); impact is solely integrity loss from service disconnection with no confidentiality or availability effect.
Primary rating from Vendor (Wordfence).
CVSS VectorVendor: Wordfence
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Lifecycle Timeline
2DescriptionCVE.org
The GW AI Website Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the gwaiwebu_gravitywrite_disconnect_handler() function in all versions up to, and including, 1.0.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to disconnect the plugin from GravityWrite via the 'gwaiwebu_gravitywrite_disconnect' AJAX action.
AnalysisAI
Unauthorized GravityWrite disconnection in the GW AI Website Builder WordPress plugin (versions ≤ 1.0.1) is achievable by any authenticated subscriber-level user due to a missing capability check on the gwaiwebu_gravitywrite_disconnect_handler() AJAX function. The flaw allows low-privilege WordPress accounts to sever the plugin's integration with the GravityWrite AI service, degrading AI-powered site-building functionality for all users. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires a valid WordPress account with at least Subscriber role on the target site - fully unauthenticated exploitation is not possible per the CVSS PR:L metric. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 score of 4.3 (Medium) with vector AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N accurately reflects the threat model: network-reachable AJAX endpoint, trivial exploitation complexity, but gated behind authenticated access (PR:L) with only a limited integrity impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker with a Subscriber-level WordPress account (obtained through open registration or a compromised credential) sends an authenticated POST request to wp-admin/admin-ajax.php with the body action=gwaiwebu_gravitywrite_disconnect. Because gwaiwebu_gravitywrite_disconnect_handler() performs no capability verification, the server executes the disconnect logic and severs the GravityWrite API connection, disabling AI features site-wide. … |
| Remediation | A patch commit (changeset 3481065) has been applied to the WordPress plugin SVN repository, visible at https://plugins.trac.wordpress.org/changeset?reponame=&old=3481065%40gw-ai-website-builder&new=3481065%40gw-ai-website-builder; however, a specific patched release version number beyond 1.0.1 is not independently confirmed from available data - update to the latest available version via the WordPress admin dashboard and verify the installed version exceeds 1.0.1. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-862 – Missing Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-42845
GHSA-r5vf-wg5q-932h