Description
The Feedback Modal for Website plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'handle_export' function in all versions up to, and including, 1.0.1. This makes it possible for unauthenticated attackers to export all feedback data in CSV or JSON format via the 'export_data' parameter.
Published: 2025-12-05
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized export of all user feedback data
Action: Patch Immediately
AI Analysis

Impact

The Feedback Modal for Website plugin contains an authorization bypass in its handle_export function. All versions up to and including 1.0.1 let anyone who supplies the export_data parameter download all collected feedback in CSV or JSON format. Because the check for the required capability is missing, the vulnerability permits uncontrolled disclosure of potentially sensitive user input, violating confidentiality. Affected systems are WordPress sites that have installed the nedwp Feedback Modal for Website plugin; versions from the original release through 1.0.1 are vulnerable. The flaw exists in the plugin’s admin code that handles export requests. Risk and exploitability are moderate (CVSS 5.3), but the EPSS score is below 1%, suggesting a low current probability of exploitation. The vulnerability is not in the CISA KEV catalog. Attackers can exploit it remotely via a single HTTP request to the export endpoint, with no authentication required, so anyone with network access to the site can extract all feedback data.

Affected Systems

WordPress sites running the nedwp Feedback Modal for Website plugin up through version 1.0.1 are affected.

Risk and Exploitability

Moderate risk with a CVSS score of 5.3. The EPSS score indicates a very low exploitation probability (<1%). This vulnerability is not listed in the CISA KEV catalog. Attackers can remotely trigger the export_data endpoint without authentication, exploiting the missing capability check to exfiltrate all feedback data in CSV or JSON format.

Generated by OpenCVE AI on April 21, 2026 at 17:44 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the Feedback Modal for Website plugin to the latest released version where the capability check has been added to the export function.
  • If an update is not immediately available, block unauthenticated access to the export_data endpoint using a web-application firewall rule or modify WordPress to remove the export handler for all users lacking the proper capability.
  • Continuously monitor site logs for unexpected export_data requests and quarantine any accounts or IPs that trigger them.

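The missing check described above (CWE-862) and the last-resort mitigation in the Recommended Actions both come down to gating the export handler on a capability. The following is an added illustration, not the plugin's own code and not a reconstruction of it: the hook name, capability, table name and column list are assumptions chosen for the demonstration. The vulnerable shape this CVE describes differs from it in that the current_user_can() gate is absent, and a handler reachable without a login additionally registers the nopriv variant of the hook.

```php
<?php
// Illustrative hardened export handler. Hypothetical names throughout:
// hook 'fm_export', capability 'manage_options', table '{prefix}fm_feedback'.

// Only the authenticated admin_post_ hook is registered. Registering
// 'admin_post_nopriv_fm_export' as well would expose the handler to visitors
// who are not logged in. Skipping nopriv is necessary but not sufficient:
// any logged-in role, including subscriber, still reaches an admin_post_
// callback, so the capability check below is the actual authorization.
add_action( 'admin_post_fm_export', 'fm_handle_export_hardened' );

function fm_handle_export_hardened() {
    // Authorization: the check whose absence CWE-862 describes.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'You are not allowed to export feedback.', 'Forbidden', array( 'response' => 403 ) );
    }

    // CSRF: the export link must carry a nonce bound to this action.
    check_admin_referer( 'fm_export' );

    // Accept only the two formats the export supports; reject anything else.
    $format = isset( $_GET['export_data'] ) ? sanitize_key( wp_unslash( $_GET['export_data'] ) ) : '';
    if ( ! in_array( $format, array( 'csv', 'json' ), true ) ) {
        wp_die( 'Unsupported export format.', 'Bad Request', array( 'response' => 400 ) );
    }

    global $wpdb;
    $table = $wpdb->prefix . 'fm_feedback';  // assumed table name
    $rows  = $wpdb->get_results( "SELECT id, created_at, email, message FROM {$table}", ARRAY_A );

    nocache_headers();
    if ( 'json' === $format ) {
        header( 'Content-Type: application/json; charset=utf-8' );
        header( 'Content-Disposition: attachment; filename="feedback.json"' );
        echo wp_json_encode( $rows );
        exit;
    }

    header( 'Content-Type: text/csv; charset=utf-8' );
    header( 'Content-Disposition: attachment; filename="feedback.csv"' );
    $out = fopen( 'php://output', 'w' );
    fputcsv( $out, array( 'id', 'created_at', 'email', 'message' ) );
    foreach ( $rows as $row ) {
        fputcsv( $out, $row );
    }
    fclose( $out );
    exit;
}
```

The 403 path is also the one to watch in access logs while the patch is pending: a hardened handler turns unauthenticated export_data requests into recorded denials rather than silent downloads.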

Advisories

No advisories yet.

History

Fri, 05 Dec 2025 14:15:00 +0000

Type: Metrics (ssvc)
Values Removed: (none)
Values Added: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 05 Dec 2025 11:00:00 +0000

Type: First Time appeared
Values Removed: (none)
Values Added: Wordpress; Wordpress wordpress

Type: Vendors & Products
Values Removed: (none)
Values Added: Wordpress; Wordpress wordpress

Fri, 05 Dec 2025 05:45:00 +0000

Type: Description
Values Removed: (none)
Values Added: The Feedback Modal for Website plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'handle_export' function in all versions up to, and including, 1.0.1. This makes it possible for unauthenticated attackers to export all feedback data in CSV or JSON format via the 'export_data' parameter.

Type: Title
Values Removed: (none)
Values Added: Feedback Modal for Website <= 1.0.1 - Missing Authorization to Unauthenticated Arbitrary Feedback Data Exfiltration via 'export_data' Parameter

Type: Weaknesses
Values Removed: (none)
Values Added: CWE-862

Type: References

Type: Metrics (cvssV3_1)
Values Removed: (none)
Values Added: {'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}


MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T17:32:47.536Z

Reserved: 2025-11-21T20:13:43.820Z

Link: CVE-2025-13528

Vulnrichment

Updated: 2025-12-05T13:50:29.431Z

NVD

Status : Deferred

Published: 2025-12-05T06:16:07.900

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-13528

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-21T17:45:16Z

Weaknesses