CVE-2025-69332

Vulnerability

The WordPress Bookify plugin versions up to and including 1.1.1 contain a broken access control vulnerability. The plugin fails to properly authorize or validate nonce tokens in certain functions, allowing unprivileged users to perform actions intended for higher-privileged roles [1].

Exploitation

An attacker must have a subscriber-level account on the WordPress site. No additional authentication, network position, or user interaction beyond having a low-privilege account is required [1]. The attacker can execute functions that lack proper authorization checks by sending crafted requests to the vulnerable endpoints.

Impact

Successful exploitation enables the attacker to perform actions normally restricted to higher-privileged users, such as administrators [1]. This can lead to unauthorized data access, modification, or other privilege escalation outcomes, depending on the affected functions.

Mitigation

The vulnerability is fixed in version 1.1.2 [1]. Users should update the Bookify plugin to version 1.1.2 or later immediately. As a workaround, Patchstack provides a mitigation rule to block attacks until the update is applied [1]. The vulnerability is considered moderately dangerous and is expected to be used in mass-exploit campaigns [1].