CVE-2025-14742: CWE-639 Authorization Bypass Through User-Controlled Key in brechtvds WP Recipe Maker
CVE-2025-14742 is a medium-severity vulnerability in the WP Recipe Maker WordPress plugin, affecting all versions up to and including 10.2.3. It allows authenticated users with Subscriber-level access or higher to bypass authorization controls due to missing capability checks in the 'ajax_search_recipes' and 'ajax_get_recipe' functions. Exploiting this flaw lets a low-privilege account read recipe data that should be restricted, including draft, pending, and private recipes. The vulnerability requires no user interaction and can be exploited remotely over the network by any authenticated account. The impact is limited to the confidentiality of recipe data; integrity and availability are not affected. No known exploits are currently reported in the wild, and no official patch had been released at the time of this write-up. Organizations using WP Recipe Maker should monitor for updates, limit who can hold a low-privilege account (for example by disabling open registration where it is not needed), and watch for requests to these AJAX handlers from Subscriber accounts. Sites in countries with significant WordPress usage and active culinary or content websites are most at risk.
AI Analysis
Technical Summary
CVE-2025-14742 is an authorization bypass vulnerability identified in the WP Recipe Maker plugin for WordPress, maintained by brechtvds. The issue arises from missing capability checks in two AJAX handler functions: 'ajax_search_recipes' and 'ajax_get_recipe'. These functions do not verify whether the requesting user has the appropriate permissions to access the recipe data they return. WordPress AJAX handlers registered on the 'wp_ajax_' hook run for every logged-in user regardless of role, so omitting a current_user_can() check effectively exposes the endpoint to any account, including the default Subscriber role assigned to self-registered users. As a result, authenticated users with minimal privileges (Subscriber role or higher) can retrieve sensitive recipe information, including draft, pending, and private recipes that should be inaccessible to them. The vulnerability is classified under CWE-639 (Authorization Bypass Through User-Controlled Key): the client supplies the identifier of the recipe it wants, and the server looks that record up without confirming that the caller is authorized to read that particular record or that non-public statuses should be filtered out. The CVSS v3.1 base score is 4.3 (medium severity), reflecting a network attack vector, low attack complexity, low privileges required, and no user interaction, with a limited confidentiality impact and no effect on integrity or availability; this corresponds to the vector AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N. The vulnerability affects all versions up to and including 10.2.3 of WP Recipe Maker. No patches or fixes had been published at the time of disclosure, and no known exploits have been observed in the wild. The flaw could be exploited by attackers to gain unauthorized access to sensitive recipe content, potentially exposing proprietary or unpublished culinary data. This vulnerability underscores the need for object-level capability checks in WordPress plugin AJAX endpoints: being logged in, or presenting a valid nonce, is not the same as being authorized to read a specific post.
Potential Impact
The primary impact of CVE-2025-14742 is unauthorized disclosure of sensitive recipe data within WordPress sites using the WP Recipe Maker plugin. Attackers with Subscriber-level access can read draft, pending, and private recipes, which may contain proprietary or confidential information. While this does not affect system integrity or availability, the confidentiality breach could lead to intellectual property theft, loss of competitive advantage for content creators, or privacy violations if recipes contain personal data. For organizations relying on WP Recipe Maker for content management, this vulnerability could undermine trust and expose sensitive unpublished content. Since exploitation requires only low-level authenticated access, attackers could use compromised or self-registered low-privilege accounts to read content well beyond what their role permits; on sites with open registration enabled, the practical barrier is reduced to creating an account. The lack of patches increases the window of exposure, and the widespread use of WordPress globally means many sites could be vulnerable. However, the impact is limited to recipe data and does not extend to broader system compromise or service disruption.
Mitigation Recommendations
1. Limit who can hold a low-privilege account. Subscriber is WordPress's lowest default role, so there is little to strip from it; the effective control is to disable open registration (Settings → General → "Anyone can register") unless the site needs it, and to review and remove stale or unexpected Subscriber accounts, especially on sites where sensitive recipe data is stored.
2. Monitor user accounts for suspicious activity, particularly low-privilege accounts issuing requests that reach these recipe handlers.
3. Disable or remove the WP Recipe Maker plugin if it is not essential until a patch is released.
4. Implement web application firewall (WAF) rules for requests to /wp-admin/admin-ajax.php whose 'action' parameter routes to the 'ajax_search_recipes' and 'ajax_get_recipe' handlers. This advisory does not state the exact action names, so confirm them from the plugin source before writing rules, and prefer logging or rate-limiting low-privilege callers over blanket blocking, since legitimate editor workflows use the same endpoint.
5. Where a custom interim patch is applied, enforce an object-level capability check tied to the requested recipe (for example current_user_can('edit_post', $id)) and filter non-public post statuses for callers who lack it. A check for is_user_logged_in() or a nonce alone does not close the hole, because Subscribers are logged in and can obtain nonces.
6. Regularly check for updates from the plugin vendor and apply security patches promptly once released.
7. Conduct security audits of other plugins to ensure proper authorization checks are in place on AJAX handlers.
8. Educate site administrators and users about the risks of privilege escalation and the importance of strong account security.
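The following is added example code, not WP Recipe Maker's own source, illustrating the CWE-639 pattern described in the technical summary above beside a hardened handler of the kind mitigation step 5 calls for. The post type slug 'example_recipe', the hook names, the 'id' and 'search' request parameters, and the nonce action are assumptions chosen for illustration.

```php
<?php
/**
 * Illustrative WordPress AJAX handlers (added example, not plugin code).
 * Assumptions: recipes are a custom post type 'example_recipe'; the client
 * sends the recipe ID as POST 'id' and a search term as POST 'search'.
 */

// Vulnerable shape: 'wp_ajax_*' hooks fire for every logged-in role, Subscriber
// included. The caller picks the ID (the user-controlled key) and nothing checks
// the post status or the caller's rights to that specific post.
function example_vuln_get_recipe() {
    $id   = isset( $_POST['id'] ) ? (int) $_POST['id'] : 0;
    $post = get_post( $id );
    if ( ! $post || 'example_recipe' !== $post->post_type ) {
        wp_send_json_error( 'not found', 404 );
    }
    // Draft, pending and private recipes are returned exactly like published ones.
    wp_send_json_success( array(
        'id'      => $post->ID,
        'status'  => $post->post_status,
        'title'   => $post->post_title,
        'content' => $post->post_content,
    ) );
}
add_action( 'wp_ajax_example_vuln_get_recipe', 'example_vuln_get_recipe' );

// Hardened shape: CSRF nonce first, then an object-level capability check bound
// to the requested ID rather than a bare "is logged in" test.
function example_safe_get_recipe() {
    // The nonce ties the request to a page the site issued; it is not an
    // authorization check (Subscribers can obtain nonces), so the capability
    // test below is still required.
    check_ajax_referer( 'example_recipe_nonce', 'nonce' );

    $id   = isset( $_POST['id'] ) ? absint( $_POST['id'] ) : 0;
    $post = get_post( $id );
    if ( ! $post || 'example_recipe' !== $post->post_type ) {
        wp_send_json_error( 'not found', 404 );
    }

    // Published recipes are public anyway. For any other status require that
    // the caller could edit this particular post; the default Subscriber role
    // cannot, so draft/pending/private content stays hidden from it.
    if ( 'publish' !== $post->post_status && ! current_user_can( 'edit_post', $post->ID ) ) {
        // Record the denial so probing by low-privilege accounts shows up in logs
        // (supports mitigation step 2).
        error_log( sprintf(
            'recipe access denied: user=%d post=%d status=%s',
            get_current_user_id(), $post->ID, $post->post_status
        ) );
        wp_send_json_error( 'forbidden', 403 );
    }

    wp_send_json_success( array(
        'id'      => $post->ID,
        'status'  => $post->post_status,
        'title'   => $post->post_title,
        'content' => $post->post_content,
    ) );
}
add_action( 'wp_ajax_example_safe_get_recipe', 'example_safe_get_recipe' );

// Search: the same rule applied to a query. Only callers holding a capability
// that covers non-public content may search beyond 'publish'.
function example_safe_search_recipes() {
    check_ajax_referer( 'example_recipe_nonce', 'nonce' );

    $term     = isset( $_POST['search'] ) ? sanitize_text_field( wp_unslash( $_POST['search'] ) ) : '';
    $statuses = array( 'publish' );
    if ( current_user_can( 'edit_others_posts' ) ) {
        $statuses = array( 'publish', 'draft', 'pending', 'private' );
    }

    $query = new WP_Query( array(
        'post_type'      => 'example_recipe',
        'post_status'    => $statuses,
        's'              => $term,
        'posts_per_page' => 20,
        'fields'         => 'ids',
    ) );

    wp_send_json_success( array_map( 'get_the_title', $query->posts ) );
}
add_action( 'wp_ajax_example_safe_search_recipes', 'example_safe_search_recipes' );
```

The design choice worth noting is where the check sits: it is evaluated against the post the caller named, after the lookup, so a valid ID for someone else's draft fails with 403 while a published recipe still returns normally. Filtering 'post_status' in the search query applies the same rule to enumeration, which a per-record check alone would not cover.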
Affected Countries
United States, United Kingdom, Germany, Canada, Australia, France, India, Brazil, Japan, Netherlands, Italy, Spain
Technical Details
- Data Version: 5.2
- Assigner Short Name: Wordfence
- Date Reserved: 2025-12-15T19:09:55.527Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 699ec3cbb7ef31ef0bf52b05
Added to database: 2/25/2026, 9:41:31 AM
Last enriched: 2/25/2026, 9:56:37 AM
Last updated: 2/25/2026, 11:52:56 AM