CVE-2025-9945 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the WordPress plugin 'Optimize More! – CSS' developed by aryadhiratara. This vulnerability exists in all versions up to and including 1.0.3. The root cause is the absence or improper implementation of nonce validation on the plugin's reset_plugin function. Nonces in WordPress are security tokens used to verify that a request originates from a legitimate source, preventing unauthorized actions. Due to this missing validation, an attacker can craft a malicious request that, when executed by an authenticated site administrator (e.g., by clicking a link or visiting a crafted webpage), triggers the reset_plugin function. This action resets the plugin's optimization settings without the administrator's consent. The vulnerability does not require the attacker to be authenticated, but it does require user interaction from an administrator to exploit. The CVSS v3.1 base score is 4.3 (medium severity), reflecting that the attack vector is network-based, with low attack complexity, no privileges required, but user interaction is necessary. The impact is limited to the integrity of the plugin's settings; confidentiality and availability are not affected. No known exploits are currently reported in the wild, and no patches have been linked yet. This vulnerability falls under CWE-352, which is a common web security weakness related to CSRF attacks.

For European organizations using the 'Optimize More! – CSS' WordPress plugin, this vulnerability poses a risk to the integrity of their website optimization settings. While the vulnerability does not directly compromise sensitive data or availability, unauthorized resetting of optimization configurations can degrade website performance, user experience, and potentially affect SEO rankings. This may indirectly impact business operations, especially for e-commerce, media, or service websites relying on optimized CSS delivery. Since exploitation requires an administrator to be tricked into clicking a malicious link, the threat is somewhat mitigated by user awareness but remains a concern in environments with less stringent security training or where phishing attacks are prevalent. Additionally, organizations with strict compliance requirements around website integrity and uptime may face regulatory scrutiny if such vulnerabilities lead to service degradation. The lack of a patch increases the urgency for mitigation. Given the widespread use of WordPress across Europe, the vulnerability could affect a broad range of sectors, including government, finance, education, and retail.

1. Immediate mitigation should focus on educating site administrators about the risks of clicking unknown or suspicious links, especially when logged into WordPress admin panels. 2. Implement web application firewalls (WAFs) that can detect and block CSRF attack patterns targeting the reset_plugin function or unusual POST requests to the plugin endpoints. 3. Restrict administrative access to trusted IP addresses or via VPN to reduce exposure to external CSRF attempts. 4. Monitor WordPress plugin updates closely and apply patches as soon as they become available from the vendor. 5. As a temporary workaround, disable or deactivate the 'Optimize More! – CSS' plugin if the risk outweighs its benefits until a secure version is released. 6. Review and harden WordPress security configurations, including enforcing strong administrator authentication and session management policies. 7. Consider implementing Content Security Policy (CSP) headers to reduce the risk of malicious script execution that could facilitate CSRF attacks. 8. Conduct regular security audits and penetration testing focused on WordPress plugins to identify similar vulnerabilities proactively.