Skip to main content

CVE-2025-2942: CWE-200 Information Exposure in Order Delivery Date

Medium
VulnerabilityCVE-2025-2942cvecve-2025-2942cwe-200
Published: Fri Jul 11 2025 (07/11/2025, 06:00:02 UTC)
Source: CVE Database V5
Product: Order Delivery Date

Description

The Order Delivery Date WordPress plugin before 12.6.0 discloses arbitrary post title (such as from draft and private posts) via an unauthenticated AJAX action, allowing attackers to retrieve such information

AI-Powered Analysis

AILast updated: 07/21/2025, 21:02:07 UTC

Technical Analysis

CVE-2025-2942 is a medium severity information exposure vulnerability affecting the WordPress plugin 'Order Delivery Date' in versions prior to 12.6.0. The vulnerability arises due to an unauthenticated AJAX action that discloses arbitrary post titles, including those from draft and private posts. This means that an attacker without any authentication can send specially crafted requests to the plugin's AJAX endpoint and retrieve sensitive metadata about posts that are not publicly accessible. The exposure is limited to post titles, which may reveal sensitive or confidential information depending on the content of the drafts or private posts. The vulnerability is categorized under CWE-200 (Information Exposure), indicating that the flaw leaks information that should otherwise be protected. The CVSS v3.1 base score is 4.3 (medium), with vector AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N, indicating network attack vector, low attack complexity, no privileges required, some user interaction needed, unchanged scope, and low impact on confidentiality with no impact on integrity or availability. No known exploits are currently reported in the wild, and no patches or updates have been linked yet. The vulnerability was reserved in March 2025 and published in July 2025. This issue can be exploited remotely without authentication but requires user interaction, likely meaning the victim must trigger the AJAX call or visit a malicious page. The scope is limited to information disclosure of post titles, which could be leveraged for further social engineering or reconnaissance but does not directly allow code execution or data modification.

Potential Impact

For European organizations using WordPress websites with the vulnerable 'Order Delivery Date' plugin, this vulnerability could lead to unintended disclosure of sensitive internal content titles, such as unpublished blog posts, internal announcements, or confidential project information. While the direct impact on confidentiality is low, the leaked information could aid attackers in crafting targeted phishing campaigns or social engineering attacks, increasing the risk of subsequent compromise. Organizations in sectors with strict data privacy regulations, such as finance, healthcare, or government, may face compliance risks if sensitive information is inadvertently exposed. The vulnerability does not affect data integrity or availability, so operational disruption is unlikely. However, reputational damage could occur if confidential editorial or internal content is leaked. Since the vulnerability requires no authentication, any external attacker can attempt exploitation, increasing the attack surface. The need for user interaction limits automated exploitation but does not eliminate risk, especially if attackers can lure users to malicious sites or emails that trigger the AJAX requests. Overall, the impact is moderate but should not be ignored, especially for organizations handling sensitive or regulated information.

Mitigation Recommendations

European organizations should immediately verify if their WordPress installations use the 'Order Delivery Date' plugin and identify the version in use. If running versions prior to 12.6.0, they should prioritize updating the plugin to the latest available version once released by the vendor. In the absence of an official patch, organizations can implement temporary mitigations such as disabling the vulnerable AJAX action by modifying the plugin code or restricting access to the AJAX endpoint via web application firewall (WAF) rules or server-level access controls. Monitoring web server logs for unusual AJAX requests targeting the plugin can help detect exploitation attempts. Additionally, organizations should review and limit the exposure of sensitive content titles in drafts or private posts and consider implementing stricter content access policies. User awareness training to recognize phishing attempts that might exploit this vulnerability is also recommended. Finally, maintaining regular backups and a robust incident response plan will help mitigate potential downstream impacts from exploitation.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
WPScan
Date Reserved
2025-03-28T20:52:11.309Z
Cvss Version
null
State
PUBLISHED

Threat ID: 6875696ba83201eaaccaa8f3

Added to database: 7/14/2025, 8:32:43 PM

Last enriched: 7/21/2025, 9:02:07 PM

Last updated: 8/18/2025, 2:55:32 PM

Views: 17

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats