CVE-2025-12582: CWE-862 Missing Authorization in klicher Features
The Features plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'features_revert_option' AJAX endpoint in all versions up to, and including, 0.0.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to revert options.
AI Analysis
Technical Summary
The vulnerability identified as CVE-2025-12582 affects the Features plugin for WordPress, specifically all versions up to and including 0.0.2. The root cause is a missing capability check on the 'features_revert_option' AJAX endpoint, which is responsible for reverting plugin options to previous states. Because the plugin fails to verify whether the authenticated user has the necessary permissions to perform this action, any user with Subscriber-level access or higher can invoke this endpoint to revert options. This constitutes a CWE-862 (Missing Authorization) vulnerability. The attack vector is remote over the network (AV:N), with low attack complexity (AC:L), requiring low privileges (PR:L) but no user interaction (UI:N). The vulnerability does not affect confidentiality or availability but impacts integrity by allowing unauthorized modification of plugin settings. Although no public exploits have been reported, the flaw could be leveraged by malicious authenticated users to disrupt site configurations or revert security-critical options, potentially weakening the site's security posture. The vulnerability was published on November 5, 2025, and no patches or updates have been linked yet. The plugin is used within the WordPress ecosystem, which is widely deployed globally, increasing the potential exposure. The CVSS v3.1 base score is 4.3, indicating medium severity.
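As an added illustration that is not the Features plugin's own code: a hypothetical WordPress AJAX handler exhibiting the missing capability check the advisory describes, beside a hardened version that verifies a nonce and a capability before touching any option. Only the action name 'features_revert_option' comes from the advisory; the `option` request parameter, the nonce name and the `features_do_revert()` helper are assumptions.

```php
<?php
// Hypothetical illustration of CWE-862 in a WordPress AJAX handler.
// Not the Features plugin's code; only the action name is from the advisory.

// Assumed helper: restores the value saved before the last change. Where the
// previous value is stored is an assumption made for this example.
function features_do_revert( $option ) {
    $previous = get_option( $option . '_previous', null );
    if ( null !== $previous ) {
        update_option( $option, $previous );
    }
}

// VULNERABLE PATTERN: a 'wp_ajax_' hook only requires that the caller be
// logged in (authentication). Without a capability check (authorization),
// any Subscriber can reach this callback through admin-ajax.php.
function features_revert_option_vulnerable() {
    $option = isset( $_POST['option'] ) ? sanitize_key( $_POST['option'] ) : '';
    features_do_revert( $option );
    wp_send_json_success();
}
// (In a vulnerable plugin this would be registered as:
//  add_action( 'wp_ajax_features_revert_option', 'features_revert_option_vulnerable' ); )

// HARDENED PATTERN: confirm the request came from the plugin's own UI (nonce)
// and that the caller is allowed to change site options (capability).
function features_revert_option_secure() {
    // Nonce check: rejects forged cross-site requests. 'features_revert_nonce'
    // is an assumed action name; the token is expected in the 'nonce' field.
    check_ajax_referer( 'features_revert_nonce', 'nonce' );

    // Capability check: the control the advisory reports as missing.
    // 'manage_options' is the core capability for changing site settings;
    // Subscribers do not hold it, so they receive a 403 here.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient permissions' ), 403 );
    }

    $option = isset( $_POST['option'] ) ? sanitize_key( $_POST['option'] ) : '';
    if ( '' === $option ) {
        wp_send_json_error( array( 'message' => 'Missing option name' ), 400 );
    }

    features_do_revert( $option );
    wp_send_json_success();
}
add_action( 'wp_ajax_features_revert_option', 'features_revert_option_secure' );
```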
Potential Impact
The primary impact of this vulnerability is unauthorized modification of plugin options, which can lead to integrity issues within affected WordPress sites. Attackers with Subscriber-level access or higher can revert configuration options, potentially undoing security settings or enabling further exploitation. While this does not directly compromise confidentiality or availability, it can indirectly weaken security controls and facilitate subsequent attacks. For organizations relying on the Features plugin, especially those with multiple user roles and contributors, this vulnerability could be exploited by low-privileged insiders or compromised accounts to disrupt site functionality or security posture. The scope is limited to sites using the vulnerable plugin versions, but given WordPress's widespread use, the aggregate risk is significant. The absence of known exploits in the wild reduces immediate risk, but the vulnerability should be addressed promptly to prevent future exploitation.
Mitigation Recommendations
1. Immediately update the Features plugin to a version that includes proper authorization checks once available from the vendor.
2. Until a patch is released, restrict access to the WordPress admin area and AJAX endpoints by limiting Subscriber-level user capabilities or disabling unnecessary user registrations.
3. Implement Web Application Firewall (WAF) rules to monitor and block unauthorized AJAX requests targeting 'features_revert_option'.
4. Conduct regular audits of user roles and permissions to ensure that only trusted users have Subscriber-level or higher access.
5. Monitor logs for unusual activity related to AJAX endpoints or option reversion attempts.
6. Consider temporarily disabling the Features plugin if it is not critical to site operation.
7. Educate site administrators about the risk and encourage prompt application of security updates.
Affected Countries
United States, Germany, United Kingdom, Canada, Australia, France, India, Brazil, Japan, Netherlands
Technical Details
- Data Version: 5.2
- Assigner Short Name: Wordfence
- Date Reserved: 2025-10-31T21:37:45.321Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 690abee616b8dcb1e3e916b3
Added to database: 11/5/2025, 3:05:10 AM
Last enriched: 2/27/2026, 8:46:57 PM
Last updated: 3/25/2026, 2:56:55 AM