VYPR
Medium severity 5.3 · NVD Advisory · Published Nov 21, 2025 · Updated Apr 27, 2026

CVE-2025-66077

Description

Missing Authorization vulnerability in wpWax Legal Pages legal-pages allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Legal Pages: from n/a through <= 1.4.6.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Missing authorization in WordPress Legal Pages plugin (≤1.4.6) allows unauthenticated attackers to exploit access control flaws.

The Legal Pages plugin for WordPress (versions up to and including 1.4.6) suffers from a missing authorization vulnerability. The flaw resides in the plugin's access control logic, where security checks for proper user capabilities or nonce tokens are absent, allowing exploitation of incorrectly configured access control security levels [1].

An attacker can exploit this vulnerability without requiring any authentication or special privileges. The attack vector is network-based, with low complexity, and no user interaction is needed. This makes it particularly dangerous in mass-exploitation campaigns that target thousands of WordPress sites simultaneously [1].

The impact is considered low in severity, but successful exploitation could allow an unprivileged user to perform actions intended for higher-privileged roles, such as modifying legal page settings or retrieving sensitive information. Given the prevalence of WordPress, this vulnerability poses a significant risk to site integrity [1].

Users are strongly advised to update the plugin to version 1.4.7 or later, which fixes the issue. For those unable to update, consulting hosting providers or web developers is recommended. Patchstack users can enable auto-updates for vulnerable plugins [1].

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

References

1
