EUVD-2025-17076 | CVE-2025-5018 | HIGH 7.1 (CVSS 3.1)
Published 2025-06-06, reported by [email protected]

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: Low
Availability: None

Lifecycle Timeline (3 events)

Analysis Generated: Mar 14, 2026 - 18:10 (vuln.today)
EUVD ID Assigned: Mar 14, 2026 - 18:10 (euvd), EUVD-2025-17076
CVE Published: Jun 06, 2025 - 07:15 (nvd), HIGH 7.1

Description (NVD)

The Hive Support plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the hs_update_ai_chat_settings() and hive_lite_support_get_all_binbox() functions in all versions up to, and including, 1.2.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read and overwrite the site’s OpenAI API key and inspection data or modify AI-chat prompts and behavior. This vulnerability is potentially a duplicate of CVE-2025-32208 and/or CVE-2025-32242.

Analysis (AI)

The Hive Support WordPress plugin (versions ≤1.2.4) contains missing capability checks in the hs_update_ai_chat_settings() and hive_lite_support_get_all_binbox() functions, allowing authenticated Subscriber-level users to read and modify sensitive data including OpenAI API keys, inspection data, and AI chat prompts. With a CVSS score of 7.1 and network-accessible attack vector requiring only user authentication, this vulnerability poses significant risk to WordPress installations using this plugin. The vulnerability may be a duplicate of CVE-2025-32208 or CVE-2025-32242, and patch status and active exploitation metrics are currently unknown.

Technical Context (AI)

The Hive Support plugin for WordPress fails to implement proper authorization controls (CWE-862: Missing Authorization) on the AJAX/REST endpoints or callback functions that handle sensitive plugin settings. The vulnerability affects two specific functions: hs_update_ai_chat_settings(), which manages OpenAI API configuration and AI behavior parameters, and hive_lite_support_get_all_binbox(), which retrieves inspection or support ticket data. WordPress plugins typically restrict such actions to administrators with a capability check via current_user_can(); because these callbacks omit that check, any authenticated user (Subscriber role and above) can invoke administrative actions. Since the affected component integrates with OpenAI's API, exposure of the stored API credential is a critical secondary impact. A CPE match string for the affected product would be: cpe:2.7:a:hive_support:hive_support:*:*:*:*:*:wordpress:*:* (versions up to 1.2.4).
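As an added illustration, not the plugin's own code, here is the pattern the Technical Context describes: a WordPress AJAX callback that saves AI-chat settings with no capability check, beside a hardened version of the same handler. The callback names follow the functions named above; the option name, nonce action and the manage_options capability are assumptions for the example.

```php
<?php
// Illustrative only: NOT the Hive Support plugin's source. Option name,
// nonce action and capability below are assumptions for this example.

// VULNERABLE pattern (CWE-862): wp_ajax_* hooks fire for every logged-in
// role, and nothing in the callback checks who is calling, so a Subscriber
// can overwrite the stored API key and prompt.
function hs_update_ai_chat_settings_vulnerable() {
    $settings = array(
        'openai_api_key' => sanitize_text_field( wp_unslash( $_POST['openai_api_key'] ?? '' ) ),
        'system_prompt'  => sanitize_textarea_field( wp_unslash( $_POST['system_prompt'] ?? '' ) ),
    );
    update_option( 'hs_ai_chat_settings', $settings ); // no authorization at all
    wp_send_json_success();
}

// HARDENED pattern: refuse the request unless the caller holds an
// administrative capability, then verify a nonce so a logged-in admin
// cannot be tricked into submitting it cross-site. Both helpers stop
// execution (wp_die) on failure.
function hs_update_ai_chat_settings_hardened() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient privileges' ), 403 );
    }
    check_ajax_referer( 'hs_ai_chat_settings', 'nonce' );

    $settings = array(
        'openai_api_key' => sanitize_text_field( wp_unslash( $_POST['openai_api_key'] ?? '' ) ),
        'system_prompt'  => sanitize_textarea_field( wp_unslash( $_POST['system_prompt'] ?? '' ) ),
    );
    update_option( 'hs_ai_chat_settings', $settings );
    wp_send_json_success();
}

// The read path needs the same gate: returning the stored key to a
// low-privilege role is the confidentiality impact in the advisory.
function hive_lite_support_get_all_binbox_hardened() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient privileges' ), 403 );
    }
    check_ajax_referer( 'hs_ai_chat_settings', 'nonce' );
    wp_send_json_success( get_option( 'hs_ai_chat_settings', array() ) );
}

// Register only the hardened callbacks, and no wp_ajax_nopriv_* variants,
// so unauthenticated requests never reach the handlers.
add_action( 'wp_ajax_hs_update_ai_chat_settings', 'hs_update_ai_chat_settings_hardened' );
add_action( 'wp_ajax_hive_lite_support_get_all_binbox', 'hive_lite_support_get_all_binbox_hardened' );
```

When reviewing a plugin for this bug class, the check is the same for every hook: each wp_ajax_*, REST route permission_callback and admin-post handler that reads or writes privileged settings must call current_user_can() before touching the option.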

Remediation (AI)

Update: Update the Hive Support plugin to version 1.2.5 or later (patch version not explicitly confirmed in the description; verify with the official WordPress plugin repository). Priority: Critical. Link: https://wordpress.org/plugins/hive-support/ (official plugin page; check for the patched version).

Workaround (temporary): Restrict Subscriber-level user creation and audit existing Subscriber accounts; limit plugin access via server-side restrictions or Web Application Firewall (WAF) rules blocking hs_update_ai_chat_settings and hive_lite_support_get_all_binbox calls from non-admin users. Priority: High.

Immediate mitigation (if no patch is available): Disable the Hive Support plugin entirely until patched; review OpenAI API key usage logs for unauthorized access; rotate OpenAI API keys immediately; audit the chat prompt configuration for unauthorized modifications. Priority: Critical.

Detection: Monitor WordPress logs/audit plugins for hs_update_ai_chat_settings and hive_lite_support_get_all_binbox function calls from non-admin user roles; monitor OpenAI API usage for anomalies; check the user_meta and plugin option tables for unauthorized modifications (post_date analysis).


EUVD-2025-17076 vulnerability details – vuln.today
