CVE-2025-10749: CWE-862 Missing Authorization in 10up Microsoft Azure Storage for WordPress
The Microsoft Azure Storage for WordPress plugin for WordPress is vulnerable to Unauthorized Arbitrary Media Deletion in all versions up to, and including, 4.5.1. This is due to missing capability checks on the 'azure-storage-media-replace' AJAX action. This makes it possible for authenticated attackers with subscriber-level access and above to delete arbitrary media files from the WordPress Media Library via the replace_attachment parameter granted they can access the nonce which is exposed to all authenticated users.
AI Analysis
Technical Summary
The Microsoft Azure Storage for WordPress plugin suffers from a missing authorization vulnerability (CWE-862) in all versions up to and including 4.5.1. Specifically, the 'azure-storage-media-replace' AJAX action lacks proper capability checks, enabling authenticated users with subscriber-level privileges or higher to delete arbitrary media files via the replace_attachment parameter. This is possible because the nonce protecting this action is accessible to all authenticated users, bypassing intended access controls. The vulnerability has a CVSS 3.1 base score of 5.4, reflecting a medium severity impact primarily on integrity and availability. A patch is available to remediate this issue.
Potential Impact
An attacker with subscriber-level or higher authenticated access can delete arbitrary media files from the WordPress Media Library, impacting the integrity and availability of media content. There is no confidentiality impact reported. The vulnerability does not require user interaction beyond authentication and leverages a missing authorization check.
Mitigation Recommendations
A patch is available for this vulnerability. Users of the Microsoft Azure Storage for WordPress plugin should update to the fixed version beyond 4.5.1 to remediate the missing authorization issue. Until patched, restrict subscriber-level access where possible and monitor for unauthorized media deletions.
CVE-2025-10749: CWE-862 Missing Authorization in 10up Microsoft Azure Storage for WordPress
Description
The Microsoft Azure Storage for WordPress plugin for WordPress is vulnerable to Unauthorized Arbitrary Media Deletion in all versions up to, and including, 4.5.1. This is due to missing capability checks on the 'azure-storage-media-replace' AJAX action. This makes it possible for authenticated attackers with subscriber-level access and above to delete arbitrary media files from the WordPress Media Library via the replace_attachment parameter granted they can access the nonce which is exposed to all authenticated users.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The Microsoft Azure Storage for WordPress plugin suffers from a missing authorization vulnerability (CWE-862) in all versions up to and including 4.5.1. Specifically, the 'azure-storage-media-replace' AJAX action lacks proper capability checks, enabling authenticated users with subscriber-level privileges or higher to delete arbitrary media files via the replace_attachment parameter. This is possible because the nonce protecting this action is accessible to all authenticated users, bypassing intended access controls. The vulnerability has a CVSS 3.1 base score of 5.4, reflecting a medium severity impact primarily on integrity and availability. A patch is available to remediate this issue.
Potential Impact
An attacker with subscriber-level or higher authenticated access can delete arbitrary media files from the WordPress Media Library, impacting the integrity and availability of media content. There is no confidentiality impact reported. The vulnerability does not require user interaction beyond authentication and leverages a missing authorization check.
Mitigation Recommendations
A patch is available for this vulnerability. Users of the Microsoft Azure Storage for WordPress plugin should update to the fixed version beyond 4.5.1 to remediate the missing authorization issue. Until patched, restrict subscriber-level access where possible and monitor for unauthorized media deletions.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Wordfence
- Date Reserved
- 2025-09-19T20:14:48.909Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 68fb3a1e0691a1b599160705
Added to database: 10/24/2025, 8:34:38 AM
Last enriched: 4/9/2026, 9:03:00 AM
Last updated: 5/9/2026, 10:45:30 PM
Views: 109
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.