CVE-2025-12732: AI component: Info Disclosure leaks sensitive data

MEDIUM
Published November 12, 2025
CISO Take

Any WordPress site running WP Import plugin with an OpenAI API key configured is leaking that key to any authenticated user with Author-level access or above — no exploit sophistication required. Rotate your OpenAI API keys immediately, set spending limits in your OpenAI dashboard, and update or disable the plugin. Audit your WordPress user roster for unnecessary Author+ accounts.

Risk Assessment

The CVSS score of 4.3 undersells the business risk. A stolen OpenAI API key lets the holder run inference at the victim's expense, bounded only by whatever spending limit the account has set, and grants access to the resources of the OpenAI project the key belongs to (uploaded files, fine-tuned models and other project assets); none of that is captured by traditional vulnerability scoring. Organizations with high OpenAI API spend or sensitive data flowing through LLM pipelines face financial and operational exposure well beyond what Medium severity implies. Exploitability is trivial: any WordPress account at Author level or above, with a logged-in session and a single crafted request, can read the key.

Severity & Risk

CVSS 3.1: 4.3 / 10
EPSS: 0.04% chance of exploitation in 30 days (higher than 13% of all CVEs)
Exploitation Status: No known exploitation
Sophistication: Trivial

Attack Surface

Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): Low
Integrity (I): None
Availability (A): None

Recommended Action

7 steps
  1. Immediately revoke and reissue any OpenAI API keys configured in WP Import plugin — assume compromise if you cannot confirm no unauthorized Author+ access.

  2. Update WP Import to a release later than 7.33; every version up to and including 7.33 is affected. If no patched release is available to you, disable the plugin until it is.

  3. Set hard spending limits and usage alerts on your OpenAI account as a blast-radius control.

  4. Review OpenAI API usage logs for anomalous call volumes or unexpected model usage.

  5. Audit WordPress user accounts — remove or downgrade unnecessary Author+ roles.

  6. Scope API keys to minimum required permissions and consider per-environment key rotation.

  7. Detection: alert on OpenAI API calls from unexpected IP ranges or at unusual hours.
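Steps 4 and 7 describe a review that is easiest to reason about as code. The block below is an added example, not part of the advisory and not vendor tooling: it runs a heuristic pass over usage records and reports the three signals the steps name (calls from outside the ranges your WordPress hosts use, calls outside expected hours, and hourly volume far above the site's median), plus use of a model the plugin was never configured for. The record fields (`timestamp`, `source_ip`, `model`, `requests`), the policy values and the sample records are all constructed assumptions; in particular, a source IP is normally only available if your outbound OpenAI traffic passes through an egress proxy or gateway that logs it.

```php
<?php
declare(strict_types=1);

// Added example, not from the advisory or the plugin vendor: a heuristic pass
// over OpenAI API usage records for the signals in steps 4 and 7 above.
// Field names (timestamp, source_ip, model, requests) and the policy values
// are assumptions; the records at the bottom are constructed, not real telemetry.

function ip_in_cidr(string $ip, string $cidr): bool
{
    [$subnet, $bits] = explode('/', $cidr, 2);
    $bits       = (int) $bits;
    $ipLong     = ip2long($ip);
    $subnetLong = ip2long($subnet);
    if ($ipLong === false || $subnetLong === false || $bits < 0 || $bits > 32) {
        return false; // IPv4 only; anything unparseable is treated as outside the range
    }
    $mask = $bits === 0 ? 0 : ((-1 << (32 - $bits)) & 0xFFFFFFFF);
    return ($ipLong & $mask) === ($subnetLong & $mask);
}

/**
 * Returns a list of alert strings. $policy keys:
 *   allowed_cidrs   source ranges your WordPress hosts call OpenAI from
 *   hours           [start, end) hour-of-day in UTC during which calls are expected
 *   expected_models models the plugin is configured to use
 *   spike_factor    an hour is flagged above spike_factor * median hourly volume ...
 *   min_spike       ... but only if it also exceeds this absolute request count
 */
function review_openai_usage(array $records, array $policy): array
{
    $alerts  = [];
    $perHour = [];

    foreach ($records as $r) {
        $ts      = new DateTimeImmutable($r['timestamp'], new DateTimeZone('UTC'));
        $hourKey = $ts->format('Y-m-d H:00');
        $perHour[$hourKey] = ($perHour[$hourKey] ?? 0) + $r['requests'];

        $fromAllowed = false;
        foreach ($policy['allowed_cidrs'] as $cidr) {
            if (ip_in_cidr($r['source_ip'], $cidr)) { $fromAllowed = true; break; }
        }
        if (!$fromAllowed) {
            $alerts[] = sprintf('unexpected source %s at %s', $r['source_ip'], $r['timestamp']);
        }

        $hour = (int) $ts->format('G');
        if ($hour < $policy['hours'][0] || $hour >= $policy['hours'][1]) {
            $alerts[] = sprintf('off-hours activity at %s (%d requests)', $r['timestamp'], $r['requests']);
        }

        if (!in_array($r['model'], $policy['expected_models'], true)) {
            $alerts[] = sprintf('unexpected model %s at %s', $r['model'], $r['timestamp']);
        }
    }

    // Volume: compare each hour's total with the median hour, so a single
    // harvesting burst stands out against the site's normal cadence.
    $counts = array_values($perHour);
    sort($counts);
    $n = count($counts);
    $median = $n === 0 ? 0
        : ($n % 2 === 1 ? $counts[intdiv($n, 2)]
                        : ($counts[intdiv($n, 2) - 1] + $counts[intdiv($n, 2)]) / 2);
    foreach ($perHour as $hourKey => $count) {
        if ($count > max($policy['min_spike'], $policy['spike_factor'] * $median)) {
            $alerts[] = sprintf('volume spike: %d requests in hour %s (median %s)', $count, $hourKey, $median);
        }
    }
    return $alerts;
}

// Constructed sample: four normal daytime hours from the site's own host, then a
// burst at 03:00 UTC from an address outside the allowed range using another model.
$records = [
    ['timestamp' => '2025-11-10T09:10:00Z', 'source_ip' => '203.0.113.10',  'model' => 'gpt-4o-mini', 'requests' => 14],
    ['timestamp' => '2025-11-10T10:05:00Z', 'source_ip' => '203.0.113.10',  'model' => 'gpt-4o-mini', 'requests' => 11],
    ['timestamp' => '2025-11-10T11:40:00Z', 'source_ip' => '203.0.113.10',  'model' => 'gpt-4o-mini', 'requests' => 17],
    ['timestamp' => '2025-11-10T14:20:00Z', 'source_ip' => '203.0.113.10',  'model' => 'gpt-4o-mini', 'requests' => 9],
    ['timestamp' => '2025-11-11T03:02:00Z', 'source_ip' => '198.51.100.77', 'model' => 'gpt-4o',      'requests' => 620],
];
$policy = [
    'allowed_cidrs'   => ['203.0.113.0/24'],
    'hours'           => [6, 22],
    'expected_models' => ['gpt-4o-mini'],
    'spike_factor'    => 5,
    'min_spike'       => 100,
];

foreach (review_openai_usage($records, $policy) as $alert) {
    echo $alert, PHP_EOL;
}
```

With the sample data the last record trips all four checks (foreign source, 03:00 UTC, unexpected model, 620 requests against a median hour of 14) and the four daytime records trip none. The median-plus-floor rule is deliberate: a site with bursty but legitimate traffic would otherwise alert on every busy hour, and a harvester who spreads calls thinly still shows up through the source and model checks.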

CISA SSVC Assessment

Decision: Track
Exploitation: none
Automatable: No
Technical Impact: partial

Source: CISA Vulnrichment (SSVC v2.0). Decision based on the CISA Coordinator decision tree.

Classification

Compliance Impact

This CVE is relevant to:

EU AI Act
Article 9 - Risk Management System
ISO 42001
A.6.2.6 - Information security in AI system development
A.9.3 - AI system access control
NIST AI RMF
GOVERN-6.2 - Policies, processes, procedures, and practices across the organization
MANAGE-2.4 - Risks are addressed via mechanisms such as updating or retiring AI systems
OWASP LLM Top 10
LLM02:2025 - Sensitive Information Disclosure
LLM10:2025 - Unbounded Consumption

Frequently Asked Questions

What is CVE-2025-12732?

CVE-2025-12732 is a missing authorization check on the showsetting() function of the WP Import – Ultimate CSV XML Importer for WordPress plugin, affecting all versions up to and including 7.33. Any authenticated user with Author-level access or higher can call that function and read the plugin's settings, including an OpenAI API key configured through its admin interface. Rotate the key, set spending limits in the OpenAI dashboard, update or disable the plugin, and review which accounts hold Author-level access or above.

Is CVE-2025-12732 actively exploited?

No confirmed active exploitation of CVE-2025-12732 has been reported, but organizations should still patch proactively.

How to fix CVE-2025-12732?

  1. Immediately revoke and reissue any OpenAI API keys configured in WP Import plugin; assume compromise if you cannot confirm no unauthorized Author+ access.

  2. Update WP Import to a patched version above 7.33.

  3. Set hard spending limits and usage alerts on your OpenAI account as a blast-radius control.

  4. Review OpenAI API usage logs for anomalous call volumes or unexpected model usage.

  5. Audit WordPress user accounts; remove or downgrade unnecessary Author+ roles.

  6. Scope API keys to minimum required permissions and consider per-environment key rotation.

  7. Detection: alert on OpenAI API calls from unexpected IP ranges or at unusual hours.

What systems are affected by CVE-2025-12732?

The affected product is the WP Import – Ultimate CSV XML Importer for WordPress plugin, all versions up to and including 7.33, on sites where an OpenAI API key has been entered in the plugin's settings. The AI/ML architecture patterns it illustrates are WordPress + LLM plugin integrations, CMS-embedded AI enrichment pipelines, and shared-credential API key configurations in which one long-lived key sits in the CMS database.

What is the CVSS score for CVE-2025-12732?

CVE-2025-12732 has a CVSS v3.1 base score of 4.3 (MEDIUM). The EPSS exploitation probability is 0.04%.

Technical Details

NVD Description

The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to unauthorized access of sensitive information due to a missing authorization check on the showsetting() function in all versions up to, and including, 7.33. This makes it possible for authenticated attackers, with Author-level access or higher, to extract sensitive information including OpenAI API keys configured through the plugin's admin interface.

Exploitation Scenario

The attacker first needs an account at Author level or higher. That can come from self-registration on a site that assigns Author (rather than the WordPress default, Subscriber) to new users, from a compromised, phished or purchased Author, Editor or Administrator credential, or from a guest writer who was given Author rights; a Subscriber or Contributor account is not enough. With that session cookie the attacker sends a direct HTTP request to the vulnerable showsetting() handler, no special tooling required, and the response returns the plugin's admin configuration including the plaintext OpenAI API key. The key is then used outside the site to run chat or image-generation requests (for example GPT-4 or DALL-E) at the victim's expense, or resold on underground markets. Because each site requires its own Author-level login, harvesting at scale is gated on credential access rather than on unauthenticated scanning alone; a realistic financially motivated campaign is credential stuffing against multi-author sites running this plugin, followed by automated key extraction and resale, with the victim typically noticing only through an unexpected bill.
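The NVD text and the scenario above describe the bug only as "a missing authorization check", so the following is an added illustration of that class of bug in WordPress terms. It is a hypothetical handler, not the WP Import plugin's code (the real showsetting() implementation is not reproduced here); the option, action and nonce names are assumptions. It shows the pattern that produces the leak next to the checks WordPress expects a settings endpoint to make, and it runs as a drop-in file under wp-content/mu-plugins/ on any WordPress install.

```php
<?php
/**
 * Plugin Name: Settings endpoint hardening example
 *
 * Added example, not the WP Import plugin's code: a hypothetical AJAX handler
 * that returns plugin settings, written first the way that produces this class
 * of bug and then with the checks WordPress expects. Option, action and nonce
 * names are assumptions.
 */

// --- Vulnerable pattern -----------------------------------------------------
// wp_ajax_* actions fire for every logged-in user, whatever their role. With
// no capability check, an Author can call this and receive the raw option,
// API key included. Left unregistered here on purpose.
function example_showsetting_vulnerable(): void
{
    $settings = get_option('example_plugin_settings', []);
    wp_send_json_success($settings); // includes $settings['openai_api_key']
}

// --- Hardened pattern -------------------------------------------------------
// 1. Bind the request to a nonce issued to the settings page (CSRF).
// 2. Require the same capability the settings page itself requires.
// 3. Never hand the secret back to the browser; report only that it is set.
function example_redact_settings(array $settings): array
{
    $safe = $settings;
    unset($safe['openai_api_key']);
    $safe['openai_api_key_configured'] = !empty($settings['openai_api_key']);
    return $safe;
}

function example_showsetting_hardened(): void
{
    // The settings page must embed wp_create_nonce('example_settings_nonce')
    // as the 'nonce' request field; check_ajax_referer() dies on mismatch.
    check_ajax_referer('example_settings_nonce', 'nonce');

    // Author, Editor and Contributor roles lack manage_options; only
    // administrators (and super admins on multisite) pass this gate.
    if (!current_user_can('manage_options')) {
        wp_send_json_error(['message' => 'Insufficient permissions'], 403);
    }

    $settings = get_option('example_plugin_settings', []);
    wp_send_json_success(example_redact_settings(is_array($settings) ? $settings : []));
}

// Register only the hardened handler, and only for authenticated requests:
// there is no wp_ajax_nopriv_* registration, so anonymous calls get a 400.
add_action('wp_ajax_example_showsetting', 'example_showsetting_hardened');

// Any outbound OpenAI call that needs the key reads it server-side from the
// option at call time; the browser only ever sees the redacted view.
```

The capability check alone would have been enough to stop the Author-level read described in this advisory; the nonce and the redaction close the two neighbouring holes (an administrator's browser being driven by a third-party page, and a legitimate admin response being cached or logged with the secret in it). To see which accounts on a site could reach an unguarded wp_ajax_* handler, `wp user list --role=author` (and the same for editor and administrator) lists them from the command line.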

Weaknesses (CWE)

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Timeline

Published
November 12, 2025
Last Modified
November 12, 2025
First Seen
November 12, 2025

Related Vulnerabilities