CVE-2025-4519: CWE-285 Improper Authorization in themeatelier IDonate – Blood Donation, Request And Donor Management System
The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the idonate_donor_password() function in versions 2.1.5 to 2.1.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to initiate a password reset for any user (including administrators) and elevate their privileges for full site takeover.
AI Analysis
Technical Summary
CVE-2025-4519 is a vulnerability classified under CWE-285 (Improper Authorization) affecting the IDonate – Blood Donation, Request And Donor Management System WordPress plugin, specifically versions 2.1.5 through 2.1.9. The core issue lies in the idonate_donor_password() function, which lacks proper capability checks to verify if the requesting user has sufficient privileges before allowing a password reset operation. Authenticated users with minimal privileges (Subscriber role or higher) can exploit this flaw to reset the password of any user account, including administrators. This effectively allows privilege escalation from a low-privilege user to full administrative control over the WordPress site. The vulnerability is remotely exploitable over the network without user interaction and requires only low privileges to initiate. The CVSS v3.1 base score is 8.8, reflecting high impact on confidentiality (full access to user accounts), integrity (ability to modify site content and settings), and availability (potential site takeover). Although no public exploits have been reported yet, the simplicity of exploitation and the critical nature of the flaw make it a significant risk. The plugin is primarily used in healthcare-related WordPress sites managing blood donation and donor requests, which may contain sensitive personal and medical data. The vulnerability was publicly disclosed on November 7, 2025, and no official patches have been linked yet, necessitating immediate attention from site administrators.
Potential Impact
For European organizations, especially those in healthcare, blood donation management, or related nonprofit sectors using the IDonate plugin, this vulnerability poses a severe risk. Exploitation can lead to unauthorized access to sensitive personal and medical data, violating GDPR and other data protection regulations. Full site takeover can result in defacement, data theft, ransomware deployment, or use of the compromised site as a pivot point for further attacks within the organization’s network. The breach of trust and operational disruption could have serious reputational and financial consequences. Given the critical nature of healthcare services, any downtime or data compromise could also impact patient care and emergency response capabilities. Organizations relying on WordPress for public-facing or internal donor management systems must consider this vulnerability a high priority for remediation to avoid regulatory penalties and operational risks.
Mitigation Recommendations
1. Immediately audit WordPress sites using the IDonate plugin to identify affected versions (2.1.5 to 2.1.9).
2. Apply vendor-provided patches as soon as they become available; monitor official themeatelier channels and WordPress plugin repositories for updates.
3. If patches are not yet available, implement temporary access controls by restricting Subscriber-level users from accessing or invoking the idonate_donor_password() function, possibly via custom code or security plugins that enforce capability checks.
4. Review and harden WordPress user roles and permissions to minimize the number of users with Subscriber or higher privileges.
5. Enable multi-factor authentication (MFA) for all administrator accounts to reduce the risk of account takeover.
6. Monitor logs for unusual password reset requests or privilege escalations.
7. Conduct regular backups and ensure incident response plans are updated to handle potential site compromises.
8. Educate site administrators and users about the risk and signs of exploitation.
9. Consider isolating critical healthcare WordPress instances from broader network access to limit lateral movement if compromised.
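As an added illustration of the CWE-285 pattern described above and of the capability check recommended in step 3 (this is not the plugin's own code, which the advisory does not reproduce), the shape of a password-reset AJAX handler with no authorization check is shown beside a hardened version built on standard WordPress APIs. The function names, AJAX action name and request parameters are hypothetical.

```php
<?php
// Added example, not IDonate code. Names prefixed "example_" are hypothetical.

// Vulnerable shape: the wp_ajax_ hook only requires a logged-in user, and the
// target account comes straight from the request, so any Subscriber could
// reset any user's password, including an administrator's.
function example_donor_password_vulnerable() {
    $user_id  = absint( $_POST['user_id'] ?? 0 );
    $password = (string) ( $_POST['password'] ?? '' );
    wp_set_password( $password, $user_id ); // no check that the caller may do this
    wp_send_json_success();
}

// Hardened shape: verify the request nonce, validate inputs, then require the
// 'edit_user' meta-capability for the target account. WordPress maps that to
// 'edit_users' for other accounts and allows it for the caller's own account,
// so a Subscriber can only ever change their own password.
function example_donor_password_hardened() {
    check_ajax_referer( 'example_donor_password', 'nonce' ); // dies on failure

    $user_id  = absint( $_POST['user_id'] ?? 0 );
    $password = (string) ( $_POST['password'] ?? '' );
    if ( 0 === $user_id || '' === $password ) {
        wp_send_json_error( 'invalid request', 400 );
    }

    // The authorization check that a CWE-285 handler is missing.
    if ( ! current_user_can( 'edit_user', $user_id ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    wp_set_password( $password, $user_id );
    wp_send_json_success();
}

// Only the hardened handler is registered; the vulnerable one is shown for contrast.
add_action( 'wp_ajax_example_donor_password', 'example_donor_password_hardened' );
```

A temporary mitigation built as a small must-use plugin would apply the same current_user_can() check in a filter or earlier hook on whatever entry point the plugin exposes, without needing to edit the plugin's files.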
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Belgium, Sweden
Technical Details
- Data Version: 5.2
- Assigner Short Name: Wordfence
- Date Reserved: 2025-05-09T16:41:30.232Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 690d79bf3ea13e495ec0caee
Added to database: 11/7/2025, 4:46:55 AM
Last enriched: 11/7/2025, 4:47:13 AM
Last updated: 11/10/2025, 7:27:56 AM