CVE-2025-12877: CWE-862 Missing Authorization in themeatelier IDonate – Blood Donation, Request And Donor Management System
The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the panding_blood_request_action() function in all versions up to, and including, 2.1.15. This makes it possible for unauthenticated attackers to delete arbitrary posts.
AI Analysis
Technical Summary
CVE-2025-12877 is a CWE-862 (Missing Authorization) vulnerability in the IDonate – Blood Donation, Request And Donor Management System plugin for WordPress, developed by themeatelier. The panding_blood_request_action() function performs a state-changing operation without first verifying that the requester holds a capability that permits it. Because the function can be reached without a valid session, an unauthenticated attacker can invoke it and delete arbitrary posts, including the blood donation requests and donor records the plugin manages. All versions up to and including 2.1.15 are affected. The CVSS 3.1 base score is 5.3 (medium) with vector AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N: exploitable over the network with low complexity, no privileges and no user interaction, scope unchanged, with a low integrity impact and no confidentiality or availability impact as scored (the deletion of records is rated here as a loss of integrity rather than of availability). At the time of this analysis no exploitation in the wild had been reported and no official patch was available. The root cause is the one characteristic of this weakness class: a handler that trusts the request and acts on it without an authorization check. In WordPress plugins this usually takes the form of an action handler that is registered for logged-out users and lacks both a current_user_can() check and a nonce. For a plugin used on healthcare and donor-management sites the practical consequence is operational: requests or donor records can be removed by anyone who can reach the site, disrupting workflows and corrupting the data the organization relies on. The case illustrates why every state-changing entry point needs an explicit authorization check, especially in plugins that handle critical data.
Potential Impact
For European organizations, particularly those involved in healthcare, blood donation management, or non-profit sectors using WordPress with the IDonate plugin, this vulnerability poses a risk of unauthorized data deletion. The loss or manipulation of blood donation requests and donor records can disrupt operational workflows, delay critical medical procedures, and erode trust in the platform. While the vulnerability does not compromise confidentiality or availability directly, the integrity impact can have downstream effects on service reliability and data accuracy. Organizations may face reputational damage if donor data is lost or manipulated. Additionally, recovery efforts could incur operational costs and downtime. Since the vulnerability requires no authentication and can be exploited remotely, the attack surface is broad, increasing the likelihood of opportunistic attacks. The absence of known exploits currently reduces immediate risk, but the availability of technical details means attackers could develop exploits quickly. European healthcare providers and NGOs using this plugin are particularly vulnerable due to the critical nature of their data and services.
Mitigation Recommendations
1. Audit WordPress sites for the IDonate plugin and record the installed version; anything up to and including 2.1.15 is affected.
2. Deactivate the plugin where the site can tolerate it until a fixed release is available.
3. If it must stay active, add the missing authorization check without editing the vendor file (edits there are lost on the next plugin update): use a must-use plugin that intercepts requests for the vulnerable action and enforces current_user_can() before the plugin's handler runs, or a rule in front of the site that blocks unauthenticated requests to that action.
4. Restrict the plugin's request paths (typically admin-ajax.php actions and/or REST routes) with a web application firewall (WAF) or access control rules so that anonymous clients cannot reach them.
5. Monitor web server and application logs for requests naming the vulnerable function or its action, and for unexpected post deletions (compare post counts over time or check wp_posts for missing blood-request records).
6. Keep WordPress core and all plugins updated and subscribe to vendor and Wordfence advisories so the fix is applied promptly once released.
7. Consider keeping critical healthcare data out of publicly reachable WordPress installations, or place an additional authentication layer in front of the site.
8. Educate site administrators on the risk of installing plugins without a security review, and use security plugins or scanners that flag missing-authorization issues.
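The following must-use plugin is an added illustration for the technical summary and for mitigation step 3; it is not the plugin's own code, which this page does not reproduce. It shows the handler pattern the advisory describes, how a hardened handler would look, and an interim guard that can be deployed before a vendor fix. The admin-ajax action name, the `post_id` request field, the nonce action `idonate_blood_request` and the post type `blood_request` are assumptions, not values taken from the plugin's source.

```php
<?php
/**
 * Plugin Name: IDonate CVE-2025-12877 interim guard (added example, not vendor code)
 *
 * Drop into wp-content/mu-plugins/. Must-use plugins load on every request and
 * survive updates of the vulnerable plugin. Everything here is illustrative: the
 * admin-ajax action name, the "post_id" field, the nonce action and the post type
 * are assumptions, not values taken from the plugin's source.
 */

/* --- The pattern the advisory describes, shown for contrast only ---------------- */
// Two defects: a wp_ajax_nopriv_ registration exposes the handler to logged-out
// visitors, and the handler deletes whatever ID the request names with no
// capability check and no nonce.
function idonate_vulnerable_pattern() {
    $post_id = isset( $_POST['post_id'] ) ? absint( $_POST['post_id'] ) : 0;
    if ( $post_id ) {
        wp_delete_post( $post_id, true );
    }
    wp_send_json_success();
}
// add_action( 'wp_ajax_nopriv_panding_blood_request_action', 'idonate_vulnerable_pattern' );
// add_action( 'wp_ajax_panding_blood_request_action',        'idonate_vulnerable_pattern' );

/* --- Shared authorization check --------------------------------------------------- */
// Returns the validated post ID or ends the request with a JSON error. It requires a
// logged-in user, confines the action to the plugin's own post type (assumed slug), and
// checks the meta capability for this specific post, which WordPress maps to the
// caller's role and to post ownership.
function idonate_authorize_blood_request_delete() {
    if ( ! is_user_logged_in() ) {
        wp_send_json_error( array( 'message' => 'authentication required' ), 401 );
    }
    $post_id = isset( $_POST['post_id'] ) ? absint( $_POST['post_id'] ) : 0;
    if ( ! $post_id || 'blood_request' !== get_post_type( $post_id ) ) {
        wp_send_json_error( array( 'message' => 'not a blood request' ), 400 );
    }
    if ( ! current_user_can( 'delete_post', $post_id ) ) {
        wp_send_json_error( array( 'message' => 'forbidden' ), 403 );
    }
    return $post_id;
}

/* --- How the handler should look (the shape of a proper vendor fix) -------------- */
function idonate_hardened_blood_request_action() {
    // CSRF: the page mints the token with wp_create_nonce( 'idonate_blood_request' )
    // and sends it as "nonce"; check_ajax_referer() terminates the request on mismatch.
    check_ajax_referer( 'idonate_blood_request', 'nonce' );
    $post_id = idonate_authorize_blood_request_delete();
    wp_delete_post( $post_id, true );
    wp_send_json_success( array( 'deleted' => $post_id ) );
}
// Logged-in users only: deliberately no wp_ajax_nopriv_ registration.
// add_action( 'wp_ajax_panding_blood_request_action', 'idonate_hardened_blood_request_action' );

/* --- Interim guard for sites still running 2.1.15 or earlier ---------------------- */
// admin-ajax.php fires admin_init before dispatching any wp_ajax_* hook, so this runs
// ahead of the plugin's handler however that handler was registered. Unvetted
// requests are answered and terminated inside the authorization check; vetted ones
// fall through to the plugin unchanged, with an audit line for the monitoring step.
function idonate_guard_blood_request_action() {
    if ( ! wp_doing_ajax() ) {
        return;
    }
    $action = isset( $_REQUEST['action'] ) ? sanitize_key( $_REQUEST['action'] ) : '';
    if ( 'panding_blood_request_action' !== $action ) {
        return;
    }
    $post_id = idonate_authorize_blood_request_delete();
    error_log( sprintf(
        'idonate guard: user %d permitted to act on blood request %d from %s',
        get_current_user_id(),
        $post_id,
        isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : 'unknown'
    ) );
}
add_action( 'admin_init', 'idonate_guard_blood_request_action', 0 );
```

The guard cannot demand a nonce the plugin's front end may never send, so it enforces authentication, post type and capability only; the nonce belongs in the vendor's handler. If the plugin legitimately serves this action to anonymous visitors for some non-destructive purpose, the guard will block that as well, so test the site's donor workflow after installing it, and remove the file once a fixed release is installed.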
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Belgium, Sweden
Technical Details
- Data Version: 5.2
- Assigner Short Name: Wordfence
- Date Reserved: 2025-11-07T15:39:01.133Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 69216996633f6b6b24ab4788
Added to database: 11/22/2025, 7:43:18 AM
Last enriched: 11/29/2025, 8:15:05 AM
Last updated: 1/7/2026, 5:24:37 AM