CVE-2025-49922 identifies a missing authorization vulnerability in the etruel WPeMatico RSS Feed Fetcher WordPress plugin, versions up to and including 2.8.3. The vulnerability arises because the plugin fails to enforce proper access control on certain functions, allowing users with limited privileges (PR:L) to perform actions that should be restricted. Specifically, the plugin incorrectly configures access control security levels, enabling exploitation without requiring user interaction (UI:N). The attack vector is network-based (AV:N), meaning an attacker can exploit this remotely if they have some level of authenticated access. The vulnerability does not compromise confidentiality or integrity but impacts availability (A:L), potentially allowing attackers to disrupt the normal operation of the RSS feed fetching process, leading to denial-of-service conditions or degraded service. The CVSS score of 4.3 reflects a medium severity level, indicating moderate risk. No patches or known exploits are currently available, but the vulnerability has been publicly disclosed as of October 22, 2025. Organizations using this plugin should be aware of the risk and prepare to apply updates or mitigations once patches are released.

For European organizations, the primary impact of CVE-2025-49922 is on the availability of WordPress sites using the WPeMatico RSS Feed Fetcher plugin. Disruption of RSS feed fetching can degrade website functionality, affecting content delivery and user experience. This may be particularly impactful for media companies, news aggregators, and businesses relying on automated content updates. While confidentiality and data integrity are not directly affected, service interruptions can lead to reputational damage and operational inefficiencies. Given the medium severity and the requirement for at least limited user privileges, the threat is more relevant to organizations with multiple user roles or contributors on their WordPress sites. The absence of known exploits reduces immediate risk but does not eliminate the potential for future attacks. Organizations should consider the risk in the context of their WordPress usage and the criticality of the affected plugin.

1. Monitor official channels for patches or updates from the etruel WPeMatico plugin developers and apply them promptly once available. 2. Restrict user roles and permissions within WordPress to the minimum necessary, limiting access to trusted users only. 3. Implement web application firewalls (WAFs) with rules to detect and block suspicious requests targeting the RSS feed fetcher endpoints. 4. Conduct regular audits of WordPress plugins and remove or replace those that are outdated or no longer maintained. 5. Enable detailed logging and monitoring of plugin activity to detect unusual behavior indicative of exploitation attempts. 6. Consider isolating critical content aggregation functions or using alternative plugins with better security track records. 7. Educate site administrators and content contributors about the risks of privilege misuse and the importance of secure practices.