This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: Unauthenticated Privilege Escalation via Account Takeover. π₯ **Consequences**: Attackers can hijack ANY user account (even Admins) by changing their email and resetting the password.β¦
π **CWE-862**: Missing Authorization. π **Flaw**: The plugin fails to validate the user's identity before updating account details (like email). It trusts the request without checking if the requester owns the account.
π **Privileges**: Can escalate to Administrator. π§ **Data**: Can take over ANY account (User/Admin) by changing the registered email address and triggering a password reset.
Q5Is exploitation threshold high? (Auth/Config)
π **Threshold**: LOW. π **Auth**: Unauthenticated (No login needed). βοΈ **Config**: Low complexity (AC:L). Just send a crafted request to update the email.
Q6Is there a public Exp? (PoC/Wild Exploitation)
π₯ **Public Exp?**: YES. π **PoC**: Available on GitHub (Nxploited/CVE-2025-3604). Wild exploitation is highly likely given the ease of use.
Q7How to self-check? (Features/Scanning)
π **Check**: Scan for "Flynax Bridge" plugin version <= 2.2.0 in your WordPress installation. π οΈ **Tool**: Use WPScan or manual version check in the plugin directory.
Q8Is it fixed officially? (Patch/Mitigation)
β **Fixed?**: YES. π **Patch**: Reference to WordPress Trac changeset 3306501 indicates a fix exists. Update to the latest version immediately.
Q9What if no patch? (Workaround)
π§ **No Patch?**: Disable the plugin immediately if not essential. π‘οΈ **Mitigation**: If it must stay, restrict access to `request.php` via WAF or firewall rules (though disabling is safer).
Q10Is it urgent? (Priority Suggestion)
π΄ **Priority**: CRITICAL. β±οΈ **Urgency**: Patch NOW. CVSS Score is High (H/H/H). Unauthenticated access means automated bots will exploit this within hours/days.