CVE-2025-2821: CWE-862 Missing Authorization in quadlayers Search Exclude
The Search Exclude plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the get_rest_permission function in all versions up to, and including, 2.4.9. This makes it possible for unauthenticated attackers to modify plugin settings, excluding content from search results.
AI Analysis
Technical Summary
The Search Exclude plugin for WordPress suffers from a missing capability check in its get_rest_permission function, which leads to unauthorized modification of plugin settings. Specifically, unauthenticated attackers can alter the exclusion list for search results, potentially impacting content visibility. This vulnerability is classified under CWE-862 (Missing Authorization). It affects all versions up to and including 2.4.9. The CVSS 3.1 base score is 5.3, reflecting a network attack vector with no privileges or user interaction required, causing integrity impact but no confidentiality or availability impact.
Potential Impact
An attacker without authentication can modify the Search Exclude plugin settings, changing which content is excluded from WordPress search results. This could lead to unauthorized alteration of site search behavior, potentially hiding or excluding content unexpectedly. There is no direct impact on confidentiality or availability reported. No known exploits have been observed in the wild at this time.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, consider restricting access to the REST API endpoints related to the Search Exclude plugin or disabling the plugin if feasible. Monitor vendor channels for updates and apply patches promptly once available.
CVE-2025-2821: CWE-862 Missing Authorization in quadlayers Search Exclude
Description
The Search Exclude plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the get_rest_permission function in all versions up to, and including, 2.4.9. This makes it possible for unauthenticated attackers to modify plugin settings, excluding content from search results.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The Search Exclude plugin for WordPress suffers from a missing capability check in its get_rest_permission function, which leads to unauthorized modification of plugin settings. Specifically, unauthenticated attackers can alter the exclusion list for search results, potentially impacting content visibility. This vulnerability is classified under CWE-862 (Missing Authorization). It affects all versions up to and including 2.4.9. The CVSS 3.1 base score is 5.3, reflecting a network attack vector with no privileges or user interaction required, causing integrity impact but no confidentiality or availability impact.
Potential Impact
An attacker without authentication can modify the Search Exclude plugin settings, changing which content is excluded from WordPress search results. This could lead to unauthorized alteration of site search behavior, potentially hiding or excluding content unexpectedly. There is no direct impact on confidentiality or availability reported. No known exploits have been observed in the wild at this time.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, consider restricting access to the REST API endpoints related to the Search Exclude plugin or disabling the plugin if feasible. Monitor vendor channels for updates and apply patches promptly once available.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Wordfence
- Date Reserved
- 2025-03-26T15:06:43.218Z
- Cisa Enriched
- true
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 682d981bc4522896dcbd996f
Added to database: 5/21/2025, 9:08:43 AM
Last enriched: 4/9/2026, 9:26:25 PM
Last updated: 5/10/2026, 7:04:12 AM
Views: 90
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.