Beware! Autochat WordPress Plugin Vulnerable to Unauthenticated Data Modification (CVE-2025-12043)

Overview

A medium-severity vulnerability, identified as CVE-2025-12043, has been discovered in the Autochat Automatic Conversation plugin for WordPress. It allows unauthenticated attackers to connect and disconnect the plugin’s client ID, resulting in unauthorized modification of data.

Technical Details

The vulnerability resides in the ‘wp_ajax_nopriv_auycht_saveCid’ AJAX endpoint. Versions up to and including 1.1.9 of the Autochat plugin lack a proper capability check on this endpoint. The ‘nopriv’ prefix means WordPress exposes the handler to visitors who are not logged in, so an attacker can call it directly through an AJAX request and manipulate the client ID associated with the plugin. Because the handler never confirms that the caller is authorized to make this change, anyone who can reach the site can alter the plugin’s configuration.
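To make the missing check concrete, here is an added illustration (hypothetical code, not the plugin’s own) of an AJAX handler with the weakness described above, beside a hardened version that drops the ‘nopriv’ registration and adds nonce and capability checks. The callback names, the ‘autochat_client_id’ option name and the ‘auycht_save_cid’ nonce action are assumptions for the example.

```php
<?php
// Added illustration, not the Autochat plugin's code. Option and nonce names are assumed.

// --- Weak pattern: the handler is reachable by logged-out visitors ---
// Registering under wp_ajax_nopriv_ exposes the callback to unauthenticated
// requests to admin-ajax.php, and the callback performs no capability or
// nonce check before persisting caller-controlled input.
function weak_save_cid() {
    $cid = isset( $_POST['cid'] ) ? sanitize_text_field( wp_unslash( $_POST['cid'] ) ) : '';
    update_option( 'autochat_client_id', $cid ); // assumed option name
    wp_send_json_success( array( 'cid' => $cid ) );
}
add_action( 'wp_ajax_nopriv_auycht_saveCid', 'weak_save_cid' );

// --- Hardened pattern ---
// 1. No wp_ajax_nopriv_ registration: logged-out requests never reach the code.
// 2. check_ajax_referer() ties the request to a nonce issued to the admin page,
//    so a logged-in victim cannot be made to submit it from another site.
// 3. current_user_can() limits the change to users who may manage settings.
function hardened_save_cid() {
    check_ajax_referer( 'auycht_save_cid', 'nonce' ); // terminates on a bad nonce
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'forbidden' ), 403 );
    }
    $cid = isset( $_POST['cid'] ) ? sanitize_text_field( wp_unslash( $_POST['cid'] ) ) : '';
    // Accept only a constrained identifier shape; reject empty or odd input.
    if ( '' === $cid || ! preg_match( '/^[A-Za-z0-9_-]{1,64}$/', $cid ) ) {
        wp_send_json_error( array( 'message' => 'invalid client id' ), 400 );
    }
    update_option( 'autochat_client_id', $cid );
    wp_send_json_success( array( 'cid' => $cid ) );
}
add_action( 'wp_ajax_auycht_saveCid', 'hardened_save_cid' );

// The admin page that issues the request must embed the matching nonce, e.g.:
//   wp_localize_script( 'autochat-admin', 'autochatAjax',
//       array( 'nonce' => wp_create_nonce( 'auycht_save_cid' ) ) );
```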

CVSS Analysis

  • CVSS Score: 5.3 (Medium)
  • Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
  • This score indicates that the vulnerability is exploitable over the network, requires no user interaction and no privileges, and does not change scope. The impact is limited to the integrity of the data managed by the plugin; confidentiality and availability are not rated as affected.

Possible Impact

Successful exploitation of this vulnerability could allow an unauthenticated attacker to:

  • Connect a malicious client ID to the Autochat plugin.
  • Disconnect legitimate client IDs, disrupting the plugin’s functionality.
  • Potentially redirect conversations or manipulate data transmitted through the Autochat plugin (depending on how the client ID is used within the application).
  • Cause denial of service by repeatedly connecting/disconnecting client IDs.

Mitigation and Patch Steps

The recommended course of action is to update the Autochat Automatic Conversation plugin to the latest available version. Check the WordPress plugin repository for updates.

  1. Update the Plugin: Navigate to the “Plugins” section in your WordPress admin dashboard and update the Autochat Automatic Conversation plugin to the latest version.
  2. Verify Update: After updating, verify that the vulnerability is patched by checking the plugin’s changelog or release notes.
  3. Monitor for Suspicious Activity: Keep an eye on your WordPress logs for any unusual activity related to the Autochat plugin.

Cybersecurity specialist and founder of Gowri Shankar Infosec - a professional blog dedicated to sharing actionable insights on cybersecurity, data protection, server administration, and compliance frameworks including SOC 2, PCI DSS, and GDPR.