
CVE-2025-12536 PoC — SureForms <= 1.13.1 - Missing Authorization to Unauthenticated Sensitive Information Exposure

Associated Vulnerability
Title: SureForms <= 1.13.1 - Missing Authorization to Unauthenticated Sensitive Information Exposure (CVE-2025-12536)
Description: The SureForms plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.13.1 via the '_srfm_email_notification' post meta registration. This is due to setting the 'auth_callback' parameter to '__return_true', which allows unauthenticated access to the metadata. This makes it possible for unauthenticated attackers to extract sensitive data including email notification configurations, which frequently contain vendor-provided CRM/help desk dropbox addresses, CC/BCC recipients, and notification templates that can be abused to inject malicious data into downstream systems.
Description
The SureForms WordPress plugin <= 1.13.1 contains a sensitive information exposure caused by setting 'auth_callback' to '__return_true' in the '_srfm_email_notification' post meta registration, which lets unauthenticated attackers read the stored email notification configuration (recipient, CC/BCC addresses and templates) through the REST representation of the form post. No authentication is required to exploit it; the fix is to upgrade past 1.13.1.
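The registration pattern the advisory describes, next to a hardened version, as an added example. This is not SureForms' own code: the post type name, the hook and the capability used are assumptions for illustration, and only the meta key '_srfm_email_notification' comes from the advisory.

```php
<?php
// Added example, not SureForms' code. The post type 'sureforms_form', the
// 'init' hook and the 'edit_post' capability are assumptions for illustration.

// Vulnerable pattern: a protected ("_"-prefixed) key registered for the REST API
// with an auth_callback that grants access to everyone. Because show_in_rest is
// on, the value is serialised into the "meta" object of every REST response for
// a readable form post, including unauthenticated ones.
function example_register_email_meta_vulnerable() {
    register_post_meta(
        'sureforms_form',                     // assumed post type
        '_srfm_email_notification',
        array(
            'type'          => 'string',
            'single'        => true,
            'show_in_rest'  => true,
            'auth_callback' => '__return_true', // never denies anyone
        )
    );
}

// Hardened pattern: keep the key out of the public REST representation and
// gate writes behind the post's edit capability. auth_callback receives
// ( $allowed, $meta_key, $object_id, $user_id, $cap, $caps ); returning a
// boolean decides the edit_post_meta / add_post_meta / delete_post_meta check.
function example_register_email_meta_hardened() {
    register_post_meta(
        'sureforms_form',                     // assumed post type
        '_srfm_email_notification',
        array(
            'type'          => 'string',
            'single'        => true,
            'show_in_rest'  => false,         // not emitted in REST responses at all
            'auth_callback' => function ( $allowed, $meta_key, $post_id, $user_id ) {
                // Only users who may edit this specific form may touch the
                // notification settings; unauthenticated callers have no user id.
                return (bool) $user_id && user_can( $user_id, 'edit_post', $post_id );
            },
        )
    );
}
add_action( 'init', 'example_register_email_meta_hardened' );
```

Two details matter when reviewing similar registrations. In WordPress core, 'auth_callback' is only consulted by map_meta_cap() for the write capabilities (edit_post_meta, add_post_meta, delete_post_meta); the read path in WP_REST_Meta_Fields returns every registered key with 'show_in_rest' enabled to anyone who can read the post. A fix that only swaps '__return_true' for a capability check therefore still leaks the value on public posts, which is why the hardened version also turns 'show_in_rest' off. If the editor needs the value over REST, the alternative is to keep 'show_in_rest' and strip the key from the response for users without edit rights via the rest_prepare_{post_type} filter.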
File Snapshot

id: CVE-2025-12536
info:
  name: SureForms <= 1.13.1 - Sensitive Information Exposure
  author: pus ...
Remarks
    1. Access the PoC via the original source first.
    2. Local PoC snapshots are reserved for subscribers; if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this PoC archive takes ongoing effort, so local snapshots are a paid feature. Subscriptions keep the archive online.