AI Threat Alert
CVE-2025-14980: BetterDocs: Info Disclosure leaks sensitive data
MEDIUM PoC AVAILABLEAny WordPress deployment running BetterDocs ≤4.3.3 with OpenAI integration is leaking its API key to every contributor-level user. Patch to 4.3.4 immediately and rotate the OpenAI API key — assume it is compromised. Set OpenAI spending limits and audit API logs for unauthorized queries before you close the incident.
What is the risk?
Rated CVSS 6.5 but practical impact is higher in AI-integrated environments. Contributor access is low-barrier in content-heavy WordPress sites that allow user registration. The exposed OpenAI API key enables unlimited inference at the victim's expense, potential exfiltration of assistant configurations or fine-tuned model behavior, and unbounded cost accumulation. Exploitability is trivial — no specialized tooling required.
How severe is it?
What is the attack surface?
What should I do?
1 step-
1) Patch immediately: update BetterDocs to 4.3.4+. 2) Rotate the OpenAI API key in the OpenAI dashboard — treat the existing key as fully compromised. 3) Set API spending limits and anomaly alerts in the OpenAI account. 4) Audit OpenAI API usage logs for unauthorized queries during the exposure window. 5) Review contributor-level WordPress accounts for unauthorized access or account creation. 6) Scan other installed WordPress plugins for similar credential exposure patterns using tools like WPScan or a code audit.
What does CISA's SSVC say?
Source: CISA Vulnrichment (SSVC v2.0). Decision based on the CISA Coordinator decision tree.
How is it classified?
Which compliance frameworks are affected?
This CVE is relevant to:
Frequently Asked Questions
What is CVE-2025-14980?
Any WordPress deployment running BetterDocs ≤4.3.3 with OpenAI integration is leaking its API key to every contributor-level user. Patch to 4.3.4 immediately and rotate the OpenAI API key — assume it is compromised. Set OpenAI spending limits and audit API logs for unauthorized queries before you close the incident.
Is CVE-2025-14980 actively exploited?
Proof-of-concept exploit code is publicly available for CVE-2025-14980, increasing the risk of exploitation.
How to fix CVE-2025-14980?
1) Patch immediately: update BetterDocs to 4.3.4+. 2) Rotate the OpenAI API key in the OpenAI dashboard — treat the existing key as fully compromised. 3) Set API spending limits and anomaly alerts in the OpenAI account. 4) Audit OpenAI API usage logs for unauthorized queries during the exposure window. 5) Review contributor-level WordPress accounts for unauthorized access or account creation. 6) Scan other installed WordPress plugins for similar credential exposure patterns using tools like WPScan or a code audit.
What systems are affected by CVE-2025-14980?
This vulnerability affects the following AI/ML architecture patterns: LLM API integrations, WordPress AI plugins, knowledge base and documentation systems, plugin frameworks.
What is the CVSS score for CVE-2025-14980?
CVE-2025-14980 has a CVSS v3.1 base score of 6.5 (MEDIUM). The EPSS exploitation probability is 0.32%.
What is the AI security impact?
Affected AI Architectures
MITRE ATLAS Techniques
AML.T0034 Cost Harvesting AML.T0040 AI Model Inference API Access AML.T0048.000 Financial Harm AML.T0049 Exploit Public-Facing Application AML.T0055 Unsecured Credentials AML.T0083 Credentials from AI Agent Configuration AML.T0091.000 Application Access Token Compliance Controls Affected
What are the technical details?
Original Advisory
The BetterDocs plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.3 via the scripts() function. This makes it possible for authenticated attackers, with contributor-level access and above, to extract sensitive data including the OpenAI API key stored in plugin settings.
Exploitation Scenario
An attacker registers or compromises a contributor-level account on a target WordPress site. They load any BetterDocs-enabled page and inspect the JavaScript sources rendered by the plugin's scripts() function, which embeds the OpenAI API key in plaintext in the frontend bundle. The attacker extracts the key in under five minutes without any specialized tooling. They immediately begin abusing the OpenAI API: sending high-volume queries to harvest costs, probing assistants for sensitive conversation history, or extracting fine-tuned model behavior. If the key grants access to OpenAI organization-level resources, lateral access to other team members' data is possible.
Weaknesses (CWE)
CWE-200 — Exposure of Sensitive Information to an Unauthorized Actor: The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
- [Architecture and Design] Compartmentalize the system to have "safe" areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area. Ensure that appropriate compartmentalization is built into the system design, and the compartmentalization allows for and reinforces privilege separation functionality. Architects and designers should rely on the principle of least privilege to decide the appropriate time to use privileges and the time to drop privileges.
Source: MITRE CWE corpus.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N References
Timeline
Related Vulnerabilities
CVE-2025-5120 10.0 smolagents: sandbox escape enables unauthenticated RCE
Same attack type: Data Leakage CVE-2025-53767 10.0 Azure OpenAI: SSRF EoP, no auth required (CVSS 10)
Same attack type: Data Extraction CVE-2023-3765 10.0 MLflow: path traversal allows arbitrary file read
Same attack type: Data Leakage CVE-2025-2828 10.0 LangChain RequestsToolkit: SSRF exposes cloud metadata
Same attack type: Data Extraction CVE-2026-21858 10.0 n8n: Input Validation flaw enables exploitation
Same attack type: Data Extraction