Description
The Insert Headers and Footers Code – HT Script plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_dismiss function in all versions up to, and including, 1.1.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update option values to 1/true on the WordPress site. This can be leveraged to update an option that would create an error on the site and deny access to legitimate users or be used to set some values to true, such as registration.
Published: 2025-04-02
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized Option Modification
Action: Apply patch
AI Analysis

Impact

The Insert Headers and Footers Code – HT Script plugin for WordPress is vulnerable because the ajax_dismiss AJAX handler lacks a capability check, allowing an authenticated user with Subscriber-level access or higher to set plugin option values to true. This flaw can be used to trigger errors that deny legitimate users access or to enable features such as registration, thereby disrupting site function or altering configuration state.

Affected Systems

All versions of the WordPress plugin Insert Headers and Footers Code – HT Script up to and including 1.1.2 are affected.

Risk and Exploitability

The CVSS score of 6.5 indicates medium severity, while the EPSS score of less than 1% reflects low likelihood of exploitation. The vulnerability is not listed in CISA KEV. Exploitation requires an authenticated WordPress session and targeting the plugin’s AJAX endpoint; an attacker cannot obtain higher system privileges beyond the existing role.

Generated by OpenCVE AI on April 22, 2026 at 01:44 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the plugin to a version that includes the missing capability check once it becomes available.
  • If an upgrade is not immediately possible, disable the plugin entirely or restrict the ajax_dismiss endpoint to prevent Subscriber-level users from accessing it.
  • Review user role assignments and remove or remediate capabilities that allow Subscribers to perform sensitive configuration changes.

Generated by OpenCVE AI on April 22, 2026 at 01:44 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-9508 The Insert Headers and Footers Code – HT Script plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_dismiss function in all versions up to, and including, 1.1.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update option values to 1/true on the WordPress site. This can be leveraged to update an option that would create an error on the site and deny access to legitimate users or be used to set some values to true, such as registration.
History

Wed, 02 Apr 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 02 Apr 2025 02:15:00 +0000

Type Values Removed Values Added
Description The Insert Headers and Footers Code – HT Script plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_dismiss function in all versions up to, and including, 1.1.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update option values to 1/true on the WordPress site. This can be leveraged to update an option that would create an error on the site and deny access to legitimate users or be used to set some values to true, such as registration.
Title Insert Headers and Footers Code – HT Script <= 1.1.2 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update
Weaknesses CWE-862
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N'}

Subscriptions

Wordpress Wordpress
cve-icon MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T17:01:23.121Z

Reserved: 2025-03-24T22:31:58.314Z

Link: CVE-2025-2779

cve-icon Vulnrichment

Updated: 2025-04-02T16:08:54.062Z

cve-icon NVD

Status : Deferred

Published: 2025-04-02T02:15:14.380

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-2779

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-22T01:45:05Z

Weaknesses