CVE-2025-14468: CWE-352 Cross-Site Request Forgery (CSRF) in mohammed_kaludi AMP for WP – Accelerated Mobile Pages
The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.9. This is due to inverted nonce verification logic in the amp_theme_ajaxcomments AJAX handler, which rejects requests with VALID nonces and accepts requests with MISSING or INVALID nonces. This makes it possible for unauthenticated attackers to submit comments on behalf of logged-in users via a forged request granted they can trick a user into performing an action such as clicking on a link, and the plugin's template mode is enabled.
AI Analysis
Technical Summary
The AMP for WP – Accelerated Mobile Pages plugin for WordPress contains a CSRF vulnerability due to inverted nonce verification logic in the amp_theme_ajaxcomments AJAX handler. This logic flaw causes the handler to reject requests with valid nonces while accepting those with missing or invalid nonces, enabling attackers to forge requests that submit comments on behalf of authenticated users. The vulnerability affects versions up to and including 1.1.9 and requires the plugin's template mode to be enabled. The CVSS 3.1 base score is 4.3, indicating medium severity. No patch or official remediation information is currently available, and no exploits have been observed in the wild.
Potential Impact
An attacker can exploit this vulnerability to submit comments as if they were authenticated users, potentially leading to unauthorized content posting or manipulation. There is no direct confidentiality or availability impact reported. The attack requires user interaction (UI:R) and no privileges (PR:N).
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, consider disabling the plugin's template mode or restricting access to the affected AJAX handler to mitigate risk. Monitor official channels for updates or patches addressing this issue.
CVE-2025-14468: CWE-352 Cross-Site Request Forgery (CSRF) in mohammed_kaludi AMP for WP – Accelerated Mobile Pages
Description
The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.9. This is due to inverted nonce verification logic in the amp_theme_ajaxcomments AJAX handler, which rejects requests with VALID nonces and accepts requests with MISSING or INVALID nonces. This makes it possible for unauthenticated attackers to submit comments on behalf of logged-in users via a forged request granted they can trick a user into performing an action such as clicking on a link, and the plugin's template mode is enabled.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The AMP for WP – Accelerated Mobile Pages plugin for WordPress contains a CSRF vulnerability due to inverted nonce verification logic in the amp_theme_ajaxcomments AJAX handler. This logic flaw causes the handler to reject requests with valid nonces while accepting those with missing or invalid nonces, enabling attackers to forge requests that submit comments on behalf of authenticated users. The vulnerability affects versions up to and including 1.1.9 and requires the plugin's template mode to be enabled. The CVSS 3.1 base score is 4.3, indicating medium severity. No patch or official remediation information is currently available, and no exploits have been observed in the wild.
Potential Impact
An attacker can exploit this vulnerability to submit comments as if they were authenticated users, potentially leading to unauthorized content posting or manipulation. There is no direct confidentiality or availability impact reported. The attack requires user interaction (UI:R) and no privileges (PR:N).
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, consider disabling the plugin's template mode or restricting access to the affected AJAX handler to mitigate risk. Monitor official channels for updates or patches addressing this issue.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- Wordfence
- Date Reserved
- 2025-12-10T16:39:16.138Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 695de67ca55ed4ed995516f1
Added to database: 1/7/2026, 4:52:12 AM
Last enriched: 4/9/2026, 9:16:56 PM
Last updated: 5/10/2026, 1:40:19 PM
Views: 138
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.