EUVD-2025-208999

CVE-2025-69347 | HIGH 8.5 (CVSS 3.1)
2026-03-25 | Patchstack | GHSA-8jxq-2j45-8v3q

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: Low
Availability: None

Lifecycle Timeline

Analysis Generated: Mar 25, 2026 - 16:47 (vuln.today)
EUVD ID Assigned: Mar 25, 2026 - 16:47 (euvd), EUVD-2025-208999
CVE Published: Mar 25, 2026 - 16:14 (nvd), HIGH 8.5

Description

Authorization Bypass Through User-Controlled Key vulnerability in Convers Lab WPSubscription subscription allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPSubscription: from n/a through <= 1.8.10.

Analysis

WPSubscription plugin versions up to 1.8.10 contain an authorization bypass vulnerability allowing attackers to exploit incorrectly configured access control through user-controlled keys, enabling unauthorized access to subscription-related resources and functionality. The vulnerability affects WordPress installations running the affected WPSubscription plugin and could allow unauthenticated or low-privileged attackers to circumvent security controls. No CVSS score, EPSS data, or active KEV designation is currently available, though the vulnerability was reported by Patchstack security researchers and assigned ENISA EUVD ID EUVD-2025-208999.

Technical Context

The vulnerability resides in the WPSubscription WordPress plugin (CPE: cpe:2.3:a:convers_lab:wpsubscription:*:*:*:*:*:*:*:*), which provides subscription management functionality for WordPress sites. The root cause is classified under CWE-639 (Authorization Bypass Through User-Controlled Key): the application uses attacker-controllable input (such as a user ID, subscription ID, or session token) as the basis for an access control decision without validating server-side that the caller is entitled to the referenced object. Because object lookups are not tied to the authenticated user's identity or capabilities, an attacker can manipulate object references (an IDOR-style attack) to read or modify subscription data belonging to other users, or reach administrative functions they should not have permission to access.
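As an added illustration of the CWE-639 pattern described above (this is not WPSubscription's code; the function, action, nonce and table names are hypothetical), a WordPress AJAX handler that trusts the client-supplied subscription ID, beside a version that scopes the lookup to the caller's identity and capabilities:

```php
<?php
// Hypothetical WordPress AJAX handlers illustrating CWE-639. Function,
// action and table names are invented for this example; none of this is
// WPSubscription's code.

// VULNERABLE PATTERN: the row is selected purely by the client-supplied
// subscription_id, so any logged-in user can read any subscription.
function demo_get_subscription_vulnerable() {
    global $wpdb;
    $id  = absint( $_POST['subscription_id'] ?? 0 );
    $row = $wpdb->get_row( $wpdb->prepare(
        "SELECT * FROM {$wpdb->prefix}demo_subscriptions WHERE id = %d", $id
    ) );
    wp_send_json_success( $row ); // no ownership or capability check
}

// HARDENED PATTERN: verify the request, then scope the query to the
// caller's own user ID unless the caller holds a capability that permits
// viewing other users' subscriptions.
function demo_get_subscription_hardened() {
    global $wpdb;
    check_ajax_referer( 'demo_subscription_nonce', 'nonce' );
    if ( ! is_user_logged_in() ) {
        wp_send_json_error( 'unauthenticated', 401 );
    }
    $id      = absint( $_POST['subscription_id'] ?? 0 );
    $user_id = get_current_user_id();

    if ( current_user_can( 'manage_options' ) ) {
        // Administrators may look up any subscription by ID.
        $sql = $wpdb->prepare(
            "SELECT * FROM {$wpdb->prefix}demo_subscriptions WHERE id = %d", $id
        );
    } else {
        // Everyone else: the row must belong to the caller. Binding user_id
        // in the WHERE clause means a guessed ID simply returns no row.
        $sql = $wpdb->prepare(
            "SELECT * FROM {$wpdb->prefix}demo_subscriptions WHERE id = %d AND user_id = %d",
            $id, $user_id
        );
    }
    $row = $wpdb->get_row( $sql );
    if ( ! $row ) {
        // Same response for "not found" and "not yours": no existence oracle.
        wp_send_json_error( 'not_found', 404 );
    }
    wp_send_json_success( $row );
}
add_action( 'wp_ajax_demo_get_subscription', 'demo_get_subscription_hardened' );
```

The same ownership-scoped query applies to update and cancel handlers: every object reference taken from the request must be bound to the caller in the lookup itself, not checked only in the UI.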

Affected Products

The Convers Lab WPSubscription plugin is affected in all versions from the earliest release through version 1.8.10 inclusive, as specified in the CPE (cpe:2.3:a:convers_lab:wpsubscription:*:*:*:*:*:*:*:*) and confirmed by ENISA EUVD-2025-208999. The vulnerability was reported via Patchstack and documented at https://patchstack.com/database/Wordpress/Plugin/subscription/vulnerability/wordpress-wpsubscription-plugin-1-8-10-insecure-direct-object-references-idor-vulnerability. WordPress installations with WPSubscription installed and activated are at risk regardless of other security measures if the plugin version is 1.8.10 or earlier.

Remediation

Immediately upgrade WPSubscription to a version newer than 1.8.10 if a patch has been released by Convers Lab; check the vendor's official repository or website for availability. If no patched version is currently available, disable or deactivate the WPSubscription plugin until a fix is released to prevent exploitation. As an interim mitigation, restrict access to WordPress admin and subscription-related pages via web application firewall (WAF) rules, implement IP whitelisting for administrative functions, and enforce strong authentication such as two-factor authentication (2FA) on WordPress user accounts. Monitor server logs and WordPress audit logs for suspicious access patterns to subscription objects or IDOR-style parameter manipulation attempts. Once a patch is released, test it thoroughly in a staging environment before deploying to production.

Priority Score: 43 (scale: Low / Medium / High / Critical)

KEV: 0
EPSS: +0.0
CVSS: +42
POC: 0

EUVD-2025-208999 vulnerability details – vuln.today