
CVE-2025-5814: CWE-862 Missing Authorization in switcorp Profiler – What Slowing Down Your WP

Medium
Tags: Vulnerability, CVE-2025-5814, cve, cwe-862
Published: Sat Jun 07 2025 (06/07/2025, 04:22:07 UTC)
Source: CVE Database V5
Vendor/Project: switcorp
Product: Profiler – What Slowing Down Your WP

Description

The Profiler – What Slowing Down Your WP plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpsd_plugin_control() function in all versions up to, and including, 1.0.0. This makes it possible for unauthenticated attackers to reactivate previously deactivated plugins after accessing the "Profiler" page.

AI-Powered Analysis

Last updated: 07/08/2025, 12:25:42 UTC

Technical Analysis

CVE-2025-5814 is a missing-authorization flaw (CWE-862) in the WordPress plugin "Profiler – What Slowing Down Your WP" by switcorp. The function wpsd_plugin_control(), which changes the activation state of plugins, can be invoked without a capability check, so callers who should not be allowed to manage plugins can reach it. Per the advisory, this lets an unauthenticated attacker reactivate plugins that an administrator had previously deactivated, with the condition described as reachable after accessing the "Profiler" page. All versions up to and including 1.0.0 are affected.

The CVSS v3.1 base score is 5.3 (Medium). The attack is network-reachable (AV:N), needs no privileges (PR:N) and no user interaction (UI:N), so it is easy to exploit remotely; the rated impact is a limited loss of integrity (plugin activation state) with no direct confidentiality or availability impact. No exploitation in the wild was known at publication, and no fixed version had been released at the time of this analysis.

The practical risk is indirect: reactivating a plugin re-exposes whatever that plugin brings with it. An administrator who deactivated a plugin because it was vulnerable, abandoned or unwanted finds it running again, so this flaw is a stepping stone to further compromise of the WordPress installation rather than an end in itself.
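As an added illustration of the defect class, not the Profiler plugin's own code: the page does not show the body of wpsd_plugin_control(), the hook it is registered on, or its request parameters, so the shape below (an admin-post handler taking `do` and `plugin` POST fields) is an assumption. The vulnerable variant changes plugin state with no check on the caller; the hardened variant adds the capability check that CWE-862 calls for, a nonce check against cross-site request forgery, and validation of the plugin slug against the set WordPress already knows:

```php
<?php
/*
 * Added example, not the Profiler plugin's source. The function name
 * wpsd_plugin_control() comes from the advisory; the request parameters
 * ('do', 'plugin'), the hook name and both bodies are assumptions.
 */

// --- Vulnerable shape (CWE-862): state change with no authorization check ---
function wpsd_plugin_control_vulnerable() {
    $do     = isset( $_POST['do'] ) ? $_POST['do'] : '';
    $plugin = isset( $_POST['plugin'] ) ? wp_unslash( $_POST['plugin'] ) : '';

    // Nothing asks who the caller is or whether the request was intended:
    // anyone who can reach this code path can flip plugin state.
    if ( 'activate' === $do ) {
        activate_plugin( $plugin );
    } elseif ( 'deactivate' === $do ) {
        deactivate_plugins( $plugin );
    }
}

// --- Hardened form ---
function wpsd_plugin_control_hardened() {
    // 1. Authorization: the same capability core checks on the Plugins screen.
    if ( ! current_user_can( 'activate_plugins' ) ) {
        wp_die( esc_html__( 'Sorry, you are not allowed to manage plugins.' ), 403 );
    }

    // 2. Intent: the request must carry a nonce minted for this exact action,
    //    so a logged-in admin cannot be tricked into submitting it from elsewhere.
    check_admin_referer( 'wpsd_plugin_control' );

    // 3. Input validation.
    $do     = isset( $_POST['do'] ) ? sanitize_key( wp_unslash( $_POST['do'] ) ) : '';
    $plugin = isset( $_POST['plugin'] ) ? sanitize_text_field( wp_unslash( $_POST['plugin'] ) ) : '';

    if ( ! function_exists( 'get_plugins' ) ) {
        require_once ABSPATH . 'wp-admin/includes/plugin.php';
    }
    // Only accept a slug WordPress already lists, so the parameter cannot
    // name an arbitrary path.
    if ( ! array_key_exists( $plugin, get_plugins() ) ) {
        wp_die( esc_html__( 'Unknown plugin.' ), 400 );
    }

    if ( 'activate' === $do ) {
        $result = activate_plugin( $plugin );   // null on success, WP_Error on failure
        if ( is_wp_error( $result ) ) {
            wp_die( esc_html( $result->get_error_message() ), 500 );
        }
    } elseif ( 'deactivate' === $do ) {
        deactivate_plugins( $plugin );
    } else {
        wp_die( esc_html__( 'Unsupported action.' ), 400 );
    }

    wp_safe_redirect( wp_get_referer() ? wp_get_referer() : admin_url( 'plugins.php' ) );
    exit;
}

// admin_post_{action} fires only for logged-in users. Do not also register an
// admin_post_nopriv_{action} variant: that would hand the handler to anonymous callers.
add_action( 'admin_post_wpsd_plugin_control', 'wpsd_plugin_control_hardened' );

// The matching form on the plugin's own settings page. wp_nonce_field() emits
// the token that check_admin_referer() above verifies.
function wpsd_render_control_form( $plugin_file ) {
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="wpsd_plugin_control">
        <input type="hidden" name="do" value="activate">
        <input type="hidden" name="plugin" value="<?php echo esc_attr( $plugin_file ); ?>">
        <?php wp_nonce_field( 'wpsd_plugin_control' ); ?>
        <?php submit_button( __( 'Activate' ) ); ?>
    </form>
    <?php
}
```

The capability check is the fix for the CWE; the nonce is a separate control (a missing nonce is CWE-352, not CWE-862) and on its own would not have stopped an unauthenticated request, since an anonymous caller has no nonce to forge in the first place. On a multisite network, network-wide activation is gated by `manage_network_plugins` rather than `activate_plugins`, so a handler that offers that option needs the stricter check.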

Potential Impact

For European organizations running WordPress sites with the vulnerable "Profiler – What Slowing Down Your WP" plugin, this vulnerability poses a moderate risk. Unauthorized reactivation of plugins can lead to unintended code execution, particularly where the reactivated plugins are outdated or carry known vulnerabilities of their own, and from there to further compromise, data integrity problems or unauthorized changes to site functionality. Because WordPress is widely used across Europe for business, governmental and e-commerce sites, exploitation could undermine trust, disrupt services or enable data manipulation, and the absence of any authentication requirement makes automated, remote attacks practical. Organizations in sectors with strict data integrity obligations, such as finance, healthcare and public administration, also face compliance and reputational exposure if the flaw is exploited. The lack of direct confidentiality or availability impact and the medium CVSS score keep the threat moderate, but it should not be ignored.

Mitigation Recommendations

European organizations should first audit their WordPress installations for the "Profiler – What Slowing Down Your WP" plugin and, where it is present, deactivate or remove it until switcorp ships a fixed release. Because the missing check is server-side and the advisory rates the flaw as exploitable without privileges, hardening logins or trimming user roles does not by itself close it: the request path that reaches wpsd_plugin_control() has to be blocked. In the interim, restricting the WordPress admin area and the plugin's "Profiler" page to known IP ranges, or adding a web application firewall rule for that path, reduces exposure. Monitor for unexpected plugin activations; WordPress core does not log these by default, so either an activity-logging plugin or a small hook on core's activated_plugin action is needed to produce the events, and a plugin activation with no logged-in user is the signature to alert on. Keep WordPress core and all plugins current to limit what a reactivated plugin can be chained with, apply least privilege to WordPress roles, enforce strong authentication, and subscribe to vulnerability advisories so that the vendor patch is applied promptly once available.
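WordPress core does not record plugin activations anywhere by default, so the log monitoring suggested above needs something to produce those events. An added example (not part of the advisory or the plugin): a must-use plugin that hooks core's activated_plugin and deactivated_plugin actions, plus the update_option_active_plugins hook for code that edits the option directly, and writes who changed what. It flags the pattern this CVE would produce, a state change with no logged-in user. The log format, the error_log sink and the psa_ function names are choices made here:

```php
<?php
/**
 * Plugin Name: Plugin State Audit (added example, not part of the advisory)
 * Place this file in wp-content/mu-plugins/ so it loads before regular plugins
 * and cannot be deactivated from the dashboard.
 */

function psa_client_ip() {
    // REMOTE_ADDR is the TCP peer. Behind a reverse proxy or CDN this is the
    // proxy's address; only trust X-Forwarded-For if your proxy is known to set it.
    return isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : 'unknown';
}

function psa_build_record( $event, $plugin, $network_wide ) {
    $user_id = get_current_user_id();   // 0 when nobody is logged in
    return array(
        'ts'           => gmdate( 'c' ),
        'event'        => $event,
        'plugin'       => $plugin,
        'network_wide' => (bool) $network_wide,
        'user_id'      => $user_id,
        'user_login'   => $user_id ? wp_get_current_user()->user_login : '-',
        'ip'           => psa_client_ip(),
        'uri'          => isset( $_SERVER['REQUEST_URI'] ) ? $_SERVER['REQUEST_URI'] : '-',
        'cli'          => defined( 'WP_CLI' ) && WP_CLI,
    );
}

function psa_severity( array $rec ) {
    // A plugin state change with no authenticated user and not from WP-CLI is
    // exactly what an unauthenticated missing-authorization bug produces.
    if ( 0 === $rec['user_id'] && ! $rec['cli'] ) {
        return 'ALERT';
    }
    return 'INFO';
}

function psa_log( $event, $plugin, $network_wide = false ) {
    $rec = psa_build_record( $event, $plugin, $network_wide );
    // Goes to the PHP error log, or to wp-content/debug.log when WP_DEBUG_LOG is on.
    error_log( sprintf( '[plugin-audit] %s %s', psa_severity( $rec ), wp_json_encode( $rec ) ) );
}

// Core fires these from activate_plugin() / deactivate_plugins().
add_action( 'activated_plugin', function ( $plugin, $network_wide ) {
    psa_log( 'activated', $plugin, $network_wide );
}, 10, 2 );

add_action( 'deactivated_plugin', function ( $plugin, $network_wide ) {
    psa_log( 'deactivated', $plugin, $network_wide );
}, 10, 2 );

// Code that writes the active_plugins option directly never calls activate_plugin(),
// so the hooks above stay silent; this one does not. Normal activations therefore
// appear twice (once per hook), which is acceptable for an audit trail.
add_action( 'update_option_active_plugins', function ( $old, $new ) {
    foreach ( array_diff( (array) $new, (array) $old ) as $added ) {
        psa_log( 'activated_via_option', $added, false );
    }
    foreach ( array_diff( (array) $old, (array) $new ) as $removed ) {
        psa_log( 'deactivated_via_option', $removed, false );
    }
}, 10, 2 );
```

Ship the `[plugin-audit] ALERT` lines to whatever collects the PHP error log and alert on them directly; `INFO` lines with a named user are the baseline for reconciling legitimate administrative changes. A plugin the site owner deactivated that shows up as `activated` with `user_id` 0 is the concrete indicator for this CVE.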


Technical Details

Data Version: 5.1
Assigner Short Name: Wordfence
Date Reserved: 2025-06-06T16:14:55.840Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 6843c08b71f4d251b5f46162

Added to database: 6/7/2025, 4:31:07 AM

Last enriched: 7/8/2025, 12:25:42 PM

Last updated: 8/15/2025, 5:15:43 AM
