AI Threat Alert AI Threat Alert

CVE-2025-31843: OpenAI WP Plugin: broken access control on AI settings

MEDIUM
Published April 1, 2025
CISO Take

WordPress sites running OpenAI Tools for WooCommerce (≤2.1.5) allow any authenticated user to invoke AI admin functions reserved for privileged roles. Update immediately and rotate your OpenAI API key as a precaution. Review OpenAI API usage logs for anomalous call volumes that may indicate prior exploitation or API credit abuse.

Risk Assessment

Medium risk in isolation, elevated in AI context. Any authenticated WordPress user—a registered WooCommerce customer with subscriber role—can exploit this to interact with OpenAI API endpoints or modify AI tool settings without admin privileges. Real-world risk includes API credit exhaustion and unauthorized manipulation of AI-driven e-commerce features. Not in CISA KEV; no public evidence of active exploitation, but low-skill barrier makes opportunistic abuse likely.

Severity & Risk

CVSS 3.1
4.3 / 10
EPSS
0.2%
chance of exploitation in 30 days
Higher than 37% of all CVEs
Source: EPSS v3 — FIRST.org
Exploitation Status
No known exploitation
Sophistication
Trivial

Attack Surface

AV AC PR UI S C I A
AV Network
AC Low
PR Low
UI None
S Unchanged
C None
I Low
A None

Recommended Action

5 steps

  1. Update OpenAI Tools for WordPress & WooCommerce to the latest patched version (>2.1.5) immediately—patch available via WordPress plugin repository.

  2. If patching is delayed, restrict plugin functionality to admin roles via a WAF rule or capability filter hook.

  3. Rotate your OpenAI API key and configure usage limits and spend alerts in the OpenAI dashboard.

  4. Audit WordPress user roles and remove unnecessary accounts, especially in WooCommerce customer pools.

  5. Review OpenAI API usage logs for the exposure window to detect anomalous call patterns.

CISA SSVC Assessment

Decision Track
Exploitation none
Automatable No
Technical Impact partial

Source: CISA Vulnrichment (SSVC v2.0). Decision based on the CISA Coordinator decision tree.

Classification

Auth Bypass DoS Plugin API AML.T0034 AML.T0040 AML.T0049

Compliance Impact

This CVE is relevant to:

EU AI Act
Article 15 - Accuracy, robustness and cybersecurity
ISO 42001
A.6.1 - Policies for information security
NIST AI RMF
GOVERN 1.2 - Accountability structures are in place so that the appropriate teams and individuals are empowered, responsible, and trained for mapping, measuring, and managing AI risks
OWASP LLM Top 10
LLM06 - Excessive Agency

Frequently Asked Questions

What is CVE-2025-31843?

WordPress sites running OpenAI Tools for WooCommerce (≤2.1.5) allow any authenticated user to invoke AI admin functions reserved for privileged roles. Update immediately and rotate your OpenAI API key as a precaution. Review OpenAI API usage logs for anomalous call volumes that may indicate prior exploitation or API credit abuse.

Is CVE-2025-31843 actively exploited?

No confirmed active exploitation of CVE-2025-31843 has been reported, but organizations should still patch proactively.

How to fix CVE-2025-31843?

1. Update OpenAI Tools for WordPress & WooCommerce to the latest patched version (>2.1.5) immediately—patch available via WordPress plugin repository. 2. If patching is delayed, restrict plugin functionality to admin roles via a WAF rule or capability filter hook. 3. Rotate your OpenAI API key and configure usage limits and spend alerts in the OpenAI dashboard. 4. Audit WordPress user roles and remove unnecessary accounts, especially in WooCommerce customer pools. 5. Review OpenAI API usage logs for the exposure window to detect anomalous call patterns.

What systems are affected by CVE-2025-31843?

This vulnerability affects the following AI/ML architecture patterns: LLM API integrations, WordPress AI plugins, E-commerce AI automation.

What is the CVSS score for CVE-2025-31843?

CVE-2025-31843 has a CVSS v3.1 base score of 4.3 (MEDIUM). The EPSS exploitation probability is 0.17%.

Technical Details

NVD Description

Missing Authorization vulnerability in Wilson OpenAI Tools for WordPress & WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects OpenAI Tools for WordPress & WooCommerce: from n/a through 2.1.5.

Exploitation Scenario

An adversary registers or compromises a low-privilege WooCommerce customer account on a target WordPress site. They send crafted HTTP POST requests to plugin AJAX endpoints that lack capability checks, invoking OpenAI API calls or modifying AI configuration settings without admin authorization. Attack requires no special tooling—standard browser dev tools or Burp Suite suffice. Adversary can exhaust OpenAI API credits (financial harm to the site owner), exfiltrate API key configuration, or inject manipulated AI-generated content into product listings at scale.

Weaknesses (CWE)

CWE-862

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

References

Timeline

Published
April 1, 2025
Last Modified
April 1, 2025
First Seen
April 1, 2025

Related Vulnerabilities

CRITICAL CVE-2026-21858 10.0

n8n: Input Validation flaw enables exploitation

Same attack type: Auth Bypass
CRITICAL GHSA-vvpj-8cmc-gx39 10.0

picklescan: security flaw enables exploitation

Same attack type: Auth Bypass
CRITICAL CVE-2025-2828 10.0

LangChain RequestsToolkit: SSRF exposes cloud metadata

Same attack type: Auth Bypass
CRITICAL CVE-2025-53767 10.0

Azure OpenAI: SSRF EoP, no auth required (CVSS 10)

Same attack type: Auth Bypass
CRITICAL CVE-2026-26030 10.0

semantic-kernel: Code Injection enables RCE

Same attack type: Auth Bypass
Back to Threat Feed