Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
Lifecycle Timeline
5DescriptionCVE.org
Authorization Bypass Through User-Controlled Key vulnerability in Convers Lab WPSubscription subscription allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPSubscription: from n/a through <= 1.8.10.
AnalysisAI
WPSubscription plugin versions up to 1.8.10 contain an authorization bypass vulnerability allowing attackers to exploit incorrectly configured access control through user-controlled keys, enabling unauthorized access to subscription-related resources and functionality. The vulnerability affects WordPress installations running the affected WPSubscription plugin and could allow unauthenticated or low-privileged attackers to circumvent security controls. No CVSS score, EPSS data, or active KEV designation is currently available, though the vulnerability was reported by Patchstack security researchers and assigned ENISA EUVD ID EUVD-2025-208999.
Technical ContextAI
The vulnerability resides in the WPSubscription WordPress plugin (CPE: cpe:2.3:a:convers_lab:wpsubscription:*:*:*:*:*:*:*:*), which provides subscription management functionality for WordPress sites. The root cause is classified under CWE-639 (Authorization Through User-Controlled Key), indicating that the application uses attacker-controllable input (such as user IDs, subscription IDs, or session tokens) as the basis for access control decisions without proper server-side validation. The plugin fails to implement secure access control mechanisms, allowing attackers to manipulate object references (IDOR-style attack) to access or modify subscription data belonging to other users or administrative functions they should not have permission to access.
RemediationAI
Immediately upgrade WPSubscription to a version newer than 1.8.10 if a patch has been released by Convers Lab; check the vendor's official repository or website for availability. If no patched version is currently available, disable or deactivate the WPSubscription plugin until a fix is released to prevent exploitation. As an interim mitigation, restrict access to WordPress admin and subscription-related pages via web application firewall (WAF) rules, implement IP whitelisting for administrative functions, and enforce strong authentication such as two-factor authentication (2FA) on WordPress user accounts. Monitor server logs and WordPress audit logs for suspicious access patterns to subscription objects or IDOR-style parameter manipulation attempts. Once a patch is released, test it thoroughly in a staging environment before deploying to production.
More in Wpsubscription
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-208999
GHSA-8jxq-2j45-8v3q