The Simple History plugin for WordPress, used to track, log, and audit changes, contains a vulnerability identified as CVE-2025-5760. This vulnerability arises from improper sanitization in the append_debug_info_to_context() function when Detective Mode is enabled. Specifically, the plugin’s logger captures the entire contents of the $_POST superglobal, and occasionally raw request bodies or $_GET parameters, without filtering or redacting sensitive information such as passwords. Consequently, when users submit login forms—whether through WordPress’s native wp_login or third-party login widgets—their plaintext passwords are recorded in the plugin’s logs stored in the database. This exposure affects all versions prior to 5.8.1. An authenticated attacker or any user whose actions trigger a login event will have their password logged. Since administrators or anyone with read access to the WordPress database can access these logs, the vulnerability leads to sensitive data exposure (CWE-256). The CVSS 3.1 base score is 4.9, reflecting medium severity, with network attack vector, low attack complexity, and requiring high privileges but no user interaction. No patches or exploits are currently reported, but the risk remains significant due to the sensitive nature of password exposure.

The primary impact of CVE-2025-5760 is the exposure of user passwords in plaintext within WordPress logs. This compromises the confidentiality of user credentials, potentially allowing attackers or unauthorized insiders with database access to harvest passwords. Such exposure can lead to account takeover, privilege escalation, and lateral movement within the affected WordPress environment. Since WordPress is widely used for websites globally, including corporate, governmental, and e-commerce platforms, the vulnerability risks undermining user trust and data security. Although the vulnerability does not affect system integrity or availability directly, the breach of password confidentiality can facilitate further attacks, including phishing, credential stuffing, and unauthorized access to other systems if users reuse passwords. Organizations relying on the Simple History plugin and enabling Detective Mode are particularly at risk. The requirement for authenticated access to trigger the logging reduces the attack surface but does not eliminate insider threats or compromised accounts. The lack of known exploits in the wild suggests limited current exploitation but does not preclude future attacks.

To mitigate CVE-2025-5760, organizations should immediately disable Detective Mode in the Simple History plugin to prevent logging of sensitive data. Administrators must audit and restrict database access permissions to ensure only trusted personnel can read logs. It is critical to upgrade the Simple History plugin to version 5.8.1 or later once available, as this version addresses the improper sanitization issue. Until patched, consider implementing web application firewall (WAF) rules to monitor and block suspicious login attempts that could trigger logging. Additionally, review and purge existing logs that may contain plaintext passwords to prevent retrospective data leakage. Educate users and administrators about the risks of password exposure and encourage the use of strong, unique passwords combined with multi-factor authentication (MFA) to reduce the impact of credential compromise. Regularly monitor security advisories from the plugin vendor and WordPress community for updates or further guidance.