CVE-2025-11257 - Vulnerability Details

- LLM Hubspot Blog Import <= 1.0.1 - Missing Authorization to Authenticated (Subscriber+) Hubspot Import

Description

The LLM Hubspot Blog Import plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'process_save_blogs' AJAX endpoint in all versions up to, and including, 1.0.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to trigger an import of all Hubspot data.

Published: 2025-10-24

Score: 4.3 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The LLM Hubspot Blog Import plugin for WordPress contains a missing capability check on the 'process_save_blogs' AJAX endpoint in all releases up to and including 1.0.1. As a result, any authenticated user with the Subscriber role or higher can invoke the endpoint and trigger the import of all Hubspot data. This flaw allows attackers to alter blog content, potentially deleting or modifying posts, without proper authorization.

Affected Systems

Affected systems are WordPress installations that have the Limelightmarketing LLM Hubspot Blog Import plugin installed at versions 1.0.1 or earlier. The issue applies to all WordPress environments that use the plugin and where subscribers are granted the ability to interact with the AJAX endpoint. The plugin is identified by the vendor Limelightmarketing and the product LLM Hubspot Blog Import.

Risk and Exploitability

The CVSS score of 4.3 indicates moderate severity, and the EPSS score of less than 1% suggests a low likelihood of exploitation. Although the flaw does not enable remote code execution, the impact on data integrity is significant because any logged‑in user can trigger a full re‑import and overwrite existing blog content. The vulnerability is not listed in CISA's KEV catalog, further indicating the exploit community has not widely leveraged this flaw yet. Prior to a patch, an attacker only needs a valid authenticated session with Subscriber level or higher; no special network exposure is required.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

limelightmarketing

LLM Hubspot Blog Import

unaffected

Version	Status	Constraints
`0`	affected	≤ 1.0.1

No data.

Vendor	Product	Confidence	Versions
Limelightmarketing	Llm Hubspot Blog Import	—	—
Wordpress	Wordpress	—	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Update the LLM Hubspot Blog Import plugin to the latest version available from the vendor to ensure the missing capability check is implemented.
If an update is not immediately feasible, deactivate or uninstall the plugin to prevent unauthorized import attempts.
Restrict Subscriber roles from accessing the site's AJAX endpoints by modifying role capabilities or using a security plugin to enforce stricter access control.

Generated by OpenCVE AI on April 22, 2026 at 14:03 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00036.

Exploitation none

Automatable no

Technical Impact partial

References

Link	Providers
https://wordpress.org/plugins/llm-hubspot-blog-import/
https://www.wordfence.com/threat-intel/vulnerabilities/id/682ec57a-f67c-40a9-91cd-2a11159ff695?source=cve

History

Mon, 27 Oct 2025 22:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Limelightmarketing Limelightmarketing llm Hubspot Blog Import Wordpress Wordpress wordpress
Vendors & Products		Limelightmarketing Limelightmarketing llm Hubspot Blog Import Wordpress Wordpress wordpress

Fri, 24 Oct 2025 13:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 24 Oct 2025 08:30:00 +0000

Type	Values Removed	Values Added
Description		The LLM Hubspot Blog Import plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'process_save_blogs' AJAX endpoint in all versions up to, and including, 1.0.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to trigger an import of all Hubspot data.
Title		LLM Hubspot Blog Import <= 1.0.1 - Missing Authorization to Authenticated (Subscriber+) Hubspot Import
Weaknesses		CWE-862
References		https://wordpress.org/plugins/llm-hubspot-blog-import/ https://www.wordfence.com/threat-intel/vulnerabilities/id/682ec57a-f67c-40a9-91cd-2a11159ff695?source=cve
Metrics		cvssV3_1 `{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N'}`

Subscriptions

Limelightmarketing Llm Hubspot Blog Import

Wordpress Wordpress

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2025-10-24T08:24:00.500Z

Updated: 2026-04-08T16:58:24.393Z

Reserved: 2025-10-03T12:21:46.347Z

Link: CVE-2025-11257

Vulnrichment

Updated: 2025-10-24T12:10:47.801Z

NVD

Status : Deferred

Published: 2025-10-24T09:15:42.680

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-11257

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-22T14:15:20Z

Weaknesses

CWE-862

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object