Overview
CVE-2025-13620 identifies a security vulnerability in the “WP Social Login and Register Social Counter” plugin for WordPress, versions up to and including 3.1.3. Missing authorization checks on specific REST API endpoints allow unauthenticated attackers to manipulate the plugin’s cache. Exploitation could, for example, cause the plugin to display incorrect social counter values or disrupt its functionality.
Technical Details
The core of the issue lies in the plugin’s REST API. The routes wslu/v1/check_cache/{type}, wslu/v1/save_cache/{type}, and wslu/v1/settings/clear_counter_cache are registered with permission_callback set to __return_true. This effectively bypasses authentication and authorization checks, making them accessible to anyone, including unauthenticated users. Furthermore, the handlers for these routes lack proper capability or nonce validation. An attacker can send crafted REST requests to these endpoints to clear or overwrite the social counter cache, influencing the data displayed by the plugin.
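To make the defect concrete, the following is an added illustration of the route registration pattern the advisory describes next to a hardened version. It is not the plugin's own source (the page does not reproduce it); the namespace and route paths are the ones named above, while the route regex, handler name, the counter-type list and the manage_options capability are assumptions.

```php
<?php
// Added illustration, not the plugin's code. Only the hardened registration is
// hooked; the vulnerable one is kept as a plain function for comparison.

// --- Vulnerable pattern (the defect the advisory describes) -----------------
// '__return_true' tells WP_REST_Server that anyone may call the route, so the
// capability and nonce checks WordPress would otherwise enforce never run.
function wslu_register_routes_vulnerable() {
    register_rest_route( 'wslu/v1', '/save_cache/(?P<type>[a-z_]+)', array(
        'methods'             => 'POST',
        'callback'            => 'wslu_save_cache_handler', // assumed handler name
        'permission_callback' => '__return_true',           // <-- the bug
    ) );
}

// --- Hardened pattern -------------------------------------------------------
// The permission callback runs before the handler. For cookie-authenticated
// requests WordPress only populates the current user when a valid X-WP-Nonce
// (action 'wp_rest') accompanies the request, so current_user_can() already
// implies the nonce check: anonymous callers get 401, low-privileged ones 403.
function wslu_cache_permission_check( WP_REST_Request $request ) {
    if ( ! current_user_can( 'manage_options' ) ) { // capability is an assumption
        return new WP_Error(
            'rest_forbidden',
            'You are not allowed to modify the social counter cache.',
            array( 'status' => rest_authorization_required_code() ) // 401 or 403
        );
    }
    return true;
}

function wslu_register_routes_hardened() {
    register_rest_route( 'wslu/v1', '/save_cache/(?P<type>[a-z_]+)', array(
        'methods'             => 'POST',
        'callback'            => 'wslu_save_cache_handler',
        'permission_callback' => 'wslu_cache_permission_check',
        'args'                => array(
            'type' => array(
                'required'          => true,
                'sanitize_callback' => 'sanitize_key',
                // Accept only counter types the plugin knows about; this list
                // is constructed for the example.
                'validate_callback' => function ( $value ) {
                    return in_array( $value, array( 'facebook', 'twitter', 'youtube' ), true );
                },
            ),
        ),
    ) );
}

add_action( 'rest_api_init', 'wslu_register_routes_hardened' );
```

The essential change is the permission_callback: WordPress runs it before the handler and, because it is evaluated after REST authentication, a capability check there covers both the missing authorization and the missing nonce validation the advisory mentions. The args validation is an extra layer that keeps unexpected cache keys out of the handler.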
CVSS Analysis
The Common Vulnerability Scoring System (CVSS) assigns CVE-2025-13620 a score of 5.3 (Medium). The score reflects the ease of exploitation (no authentication required) and the potential impact on data integrity and availability. The vector string is likely AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N (Network, Low Attack Complexity, No Privileges Required, No User Interaction, Unchanged Scope, No Confidentiality Impact, Low Integrity Impact, No Availability Impact).
Possible Impact
Successful exploitation of this vulnerability could lead to several negative consequences:
- Defacement: Attackers could manipulate social counter values to display inaccurate or misleading information, potentially damaging the reputation of a website.
- Denial of Service (DoS): Repeatedly clearing the cache could potentially impact server performance and lead to a temporary denial of service.
- Further Exploitation: While the direct impact is relatively low, it might be possible to chain this vulnerability with other vulnerabilities for more severe consequences.
Mitigation or Patch Steps
The vulnerability is patched in version 3.1.4 of the WP Social Login and Register Social Counter plugin. The recommended course of action is to immediately update the plugin to the latest version (3.1.4 or higher) through the WordPress dashboard. If an update isn’t possible immediately, consider temporarily deactivating the plugin until the update can be applied.
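For sites that cannot update or deactivate immediately, the following is an added example of a temporary must-use plugin that denies the three affected routes to callers without an administrator capability and logs each denied call. It is not part of the advisory or of the plugin; the file location under wp-content/mu-plugins/, the manage_options capability and the log format are assumptions, and it should be removed once 3.1.4 is installed.

```php
<?php
/**
 * Plugin Name: WSLU cache-route guard (temporary virtual patch)
 *
 * Added example, not part of the original advisory or the plugin. Place it in
 * wp-content/mu-plugins/ until the 3.1.4 update is applied, then remove it.
 * The 'manage_options' capability is an assumption.
 */

function wslu_guard_is_cache_route( $route ) {
    // Routes exactly as named in the advisory, relative to the REST root.
    $prefixes = array(
        '/wslu/v1/check_cache/',
        '/wslu/v1/save_cache/',
    );
    foreach ( $prefixes as $prefix ) {
        if ( 0 === strpos( $route, $prefix ) ) {
            return true;
        }
    }
    return '/wslu/v1/settings/clear_counter_cache' === $route;
}

add_filter( 'rest_pre_dispatch', function ( $result, $server, $request ) {
    // rest_pre_dispatch runs after WordPress has authenticated the request
    // (including the X-WP-Nonce check for cookie sessions) but before any
    // route callback, so current_user_can() reflects the real caller here.
    if ( ! wslu_guard_is_cache_route( $request->get_route() ) ) {
        return $result; // not an affected route, let WordPress continue
    }
    if ( current_user_can( 'manage_options' ) ) {
        return $result; // administrators keep normal access
    }

    // Record the blocked attempt so it shows up in the PHP error log.
    $ip = isset( $_SERVER['REMOTE_ADDR'] )
        ? sanitize_text_field( wp_unslash( $_SERVER['REMOTE_ADDR'] ) )
        : 'unknown';
    error_log( sprintf(
        'wslu-guard: blocked %s %s from %s (user_id=%d)',
        $request->get_method(),
        $request->get_route(),
        $ip,
        get_current_user_id()
    ) );

    // Returning a WP_Error from this filter short-circuits dispatch.
    return new WP_Error(
        'rest_forbidden',
        'This endpoint is temporarily restricted.',
        array( 'status' => rest_authorization_required_code() ) // 401 or 403
    );
}, 10, 3 );
```

Because the guard matches on the route path rather than on the plugin's handler code, it keeps working even if the handlers themselves are not touched, and the error_log lines give a simple way to see whether anyone was probing the endpoints before the update landed.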
