CVE-2025-4519: CWE-285 Improper Authorization in themeatelier IDonate – Blood Donation, Request And Donor Management System
The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the idonate_donor_password() function in versions 2.1.5 to 2.1.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to initiate a password reset for any user (including administrators) and elevate their privileges for full site takeover.
AI Analysis
Technical Summary
The vulnerability identified as CVE-2025-4519 affects the IDonate – Blood Donation, Request And Donor Management System plugin for WordPress, specifically versions 2.1.5 through 2.1.9. The root cause is improper authorization (CWE-285): the idonate_donor_password() function, which handles password reset requests for donors, performs no capability check. Because the plugin never verifies that the requesting user is allowed to act on the target account, any authenticated user with at least Subscriber-level access can trigger a password reset for any other user, including administrators. This allows privilege escalation without user interaction or complex exploitation techniques. The vulnerability is remotely exploitable over the network (AV:N) with low attack complexity (AC:L), requiring only low privileges (PR:L) and no user interaction (UI:N). The impact is severe across confidentiality, integrity, and availability (C:H/I:H/A:H), as an attacker can gain full administrative control over the WordPress site, potentially leading to data theft, site defacement, or further malware deployment. Although no public exploits have been reported yet, the vulnerability's characteristics make it a prime target for attackers. The plugin manages blood donation and donor requests, which may include sensitive personal and medical data, increasing the risk and impact of exploitation.
Potential Impact
For European organizations, especially those involved in healthcare, non-profit blood donation management, or community health services using WordPress and this plugin, the impact can be substantial. Exploitation could lead to unauthorized access to sensitive donor personal and medical information, violating GDPR and other data protection regulations. Full site takeover could disrupt critical services, damage organizational reputation, and cause operational downtime. Given the plugin’s role in managing blood donation requests, any disruption could affect public health initiatives and emergency response capabilities. Additionally, compromised sites could be used as launchpads for further attacks within organizational networks or to distribute malware. The breach of confidentiality and integrity of donor data could result in legal penalties and loss of public trust. The vulnerability’s ease of exploitation means that even low-privileged insiders or external attackers with compromised subscriber accounts pose a significant threat.
Mitigation Recommendations
Immediate mitigation steps include upgrading the IDonate plugin to a version where this vulnerability is patched; however, no patch links are currently provided, so organizations should monitor the vendor's announcements closely. In the interim, restrict WordPress user roles to the minimum necessary privileges, in particular limiting Subscriber-level accounts, and monitor for unusual password reset activity. Implement Web Application Firewall (WAF) rules to detect and block suspicious requests that reach the idonate_donor_password() handler. Conduct regular audits of user accounts and password reset logs to identify potential exploitation attempts. Employ multi-factor authentication (MFA) for administrator accounts to reduce the risk of account takeover even if a password is reset. Consider isolating the affected plugin or disabling it temporarily if patching is not immediately possible. Finally, ensure comprehensive backups and incident response plans are in place to recover quickly from potential compromises.
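The missing check described in the Technical Summary, and the reset logging the Mitigation Recommendations ask for, as an added PHP example that is not the IDonate plugin's code: an illustrative donor password-reset AJAX handler in the vulnerable shape beside a hardened one. The function names, AJAX action, nonce name and user_id parameter are assumptions; check_ajax_referer(), current_user_can() and retrieve_password() are WordPress core functions.

```php
<?php
// Illustrative WordPress AJAX handler for a donor password reset, written for this page
// to show the CWE-285 pattern in the advisory. It is NOT the IDonate plugin's code; the
// function names, AJAX action, nonce name and request parameters are assumptions.

// Shape of the flaw described above: the handler trusts a caller-supplied user ID and
// never asks whether the current user may act on that account, so any logged-in user
// (Subscriber and up) can trigger a reset for any account.
function example_donor_password_vulnerable() {
    $user = get_user_by( 'id', (int) $_POST['user_id'] );   // attacker-controlled target
    if ( $user ) {
        retrieve_password( $user->user_login );               // no capability check
        wp_send_json_success( 'reset initiated' );
    }
    wp_send_json_error( 'no such user', 404 );
}

// Hardened form: nonce, login check, and an authorization check tied to the target user.
function example_donor_password_hardened() {
    check_ajax_referer( 'example_donor_password', 'nonce' );   // CSRF protection
    if ( ! is_user_logged_in() ) {
        wp_send_json_error( 'authentication required', 401 );
    }

    $user_id = isset( $_POST['user_id'] ) ? absint( $_POST['user_id'] ) : 0;
    // A donor may only reset their own password; acting on anyone else requires the
    // 'edit_user' meta-capability for that target, which the Subscriber role does not hold.
    if ( $user_id !== get_current_user_id() && ! current_user_can( 'edit_user', $user_id ) ) {
        wp_send_json_error( 'insufficient privileges', 403 );
    }
    $user = get_user_by( 'id', $user_id );
    if ( ! $user ) {
        wp_send_json_error( 'no such user', 404 );
    }
    // Audit record for the "monitor password reset activity" recommendation above.
    error_log( sprintf( 'donor password reset: actor=%d target=%d ip=%s',
        get_current_user_id(), $user_id, $_SERVER['REMOTE_ADDR'] ?? '' ) );
    // retrieve_password() (WordPress core, wp-includes/user.php) e-mails a reset link
    // to the target account's registered address; it never sets a password directly.
    $result = retrieve_password( $user->user_login );
    if ( is_wp_error( $result ) ) {
        wp_send_json_error( $result->get_error_message(), 500 );
    }
    wp_send_json_success( 'reset initiated' );
}

// Registered with the wp_ajax_ prefix only: no wp_ajax_nopriv_ twin for anonymous callers.
add_action( 'wp_ajax_example_donor_password', 'example_donor_password_hardened' );
```

The error_log() line is the hook for the log-auditing step: a burst of reset entries whose actor and target differ, or whose target is an administrator, is the signal to look for.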
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Belgium, Sweden, Poland, Austria
Technical Details
- Data Version: 5.2
- Assigner Short Name: Wordfence
- Date Reserved: 2025-05-09T16:41:30.232Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 690d79bf3ea13e495ec0caee
Added to database: 11/7/2025, 4:46:55 AM
Last enriched: 11/14/2025, 4:51:44 AM
Last updated: 12/23/2025, 3:54:48 PM