CVE-2025-13085: CWE-285 Improper Authorization in softaculous SiteSEO – SEO Simplified
The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to Improper Authorization leading to Sensitive Post Meta Disclosure in versions up to and including 1.3.2. This is due to missing object-level authorization checks in the resolve_variables() AJAX handler. This makes it possible for authenticated attackers with the siteseo_manage capability (e.g., Author-level users who have been granted SiteSEO access by an administrator) to read arbitrary post metadata from any post, page, attachment, or WooCommerce order they cannot edit, via the custom field variable resolution feature granted they have been given access to SiteSEO by an administrator and legacy storage is enabled. In affected WooCommerce installations, this exposes sensitive customer billing information including names, email addresses, phone numbers, physical addresses, and payment methods.
AI Analysis
Technical Summary
CVE-2025-13085 describes an improper authorization vulnerability (CWE-285) in the SiteSEO – SEO Simplified plugin for WordPress, affecting versions up to 1.3.2. The flaw is due to missing object-level authorization checks in the resolve_variables() AJAX handler, allowing authenticated users with the siteseo_manage capability to access arbitrary post metadata, including sensitive WooCommerce customer billing information if legacy storage is enabled. This unauthorized data disclosure impacts confidentiality but does not affect integrity or availability. The vulnerability requires the attacker to have specific plugin access granted by an administrator. No known exploits are reported, and no patch or vendor advisory is currently available.
Potential Impact
The vulnerability allows unauthorized disclosure of sensitive post metadata, including customer billing information in WooCommerce environments. This can lead to exposure of personally identifiable information (PII) such as names, emails, phone numbers, physical addresses, and payment methods. The impact is limited to confidentiality with no direct impact on integrity or availability. The attack requires authenticated access with the siteseo_manage capability, limiting the attacker scope to users already granted some level of plugin access.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, administrators should carefully review and restrict which users are granted the siteseo_manage capability and SiteSEO access. Disabling legacy storage in WooCommerce, if feasible, may reduce exposure. Monitor for vendor updates and apply patches promptly once released.
CVE-2025-13085: CWE-285 Improper Authorization in softaculous SiteSEO – SEO Simplified
Description
The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to Improper Authorization leading to Sensitive Post Meta Disclosure in versions up to and including 1.3.2. This is due to missing object-level authorization checks in the resolve_variables() AJAX handler. This makes it possible for authenticated attackers with the siteseo_manage capability (e.g., Author-level users who have been granted SiteSEO access by an administrator) to read arbitrary post metadata from any post, page, attachment, or WooCommerce order they cannot edit, via the custom field variable resolution feature granted they have been given access to SiteSEO by an administrator and legacy storage is enabled. In affected WooCommerce installations, this exposes sensitive customer billing information including names, email addresses, phone numbers, physical addresses, and payment methods.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2025-13085 describes an improper authorization vulnerability (CWE-285) in the SiteSEO – SEO Simplified plugin for WordPress, affecting versions up to 1.3.2. The flaw is due to missing object-level authorization checks in the resolve_variables() AJAX handler, allowing authenticated users with the siteseo_manage capability to access arbitrary post metadata, including sensitive WooCommerce customer billing information if legacy storage is enabled. This unauthorized data disclosure impacts confidentiality but does not affect integrity or availability. The vulnerability requires the attacker to have specific plugin access granted by an administrator. No known exploits are reported, and no patch or vendor advisory is currently available.
Potential Impact
The vulnerability allows unauthorized disclosure of sensitive post metadata, including customer billing information in WooCommerce environments. This can lead to exposure of personally identifiable information (PII) such as names, emails, phone numbers, physical addresses, and payment methods. The impact is limited to confidentiality with no direct impact on integrity or availability. The attack requires authenticated access with the siteseo_manage capability, limiting the attacker scope to users already granted some level of plugin access.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, administrators should carefully review and restrict which users are granted the siteseo_manage capability and SiteSEO access. Disabling legacy storage in WooCommerce, if feasible, may reduce exposure. Monitor for vendor updates and apply patches promptly once released.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- Wordfence
- Date Reserved
- 2025-11-12T19:32:01.839Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 691d6a73a27e6d5e91bd839a
Added to database: 11/19/2025, 6:57:55 AM
Last enriched: 4/9/2026, 4:25:39 PM
Last updated: 5/10/2026, 4:39:29 AM
Views: 247
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.