CVE-2025-3102: SureTriggers <= 1.0.78 - Authorization Bypass due to Missing Empty Value Check to Unauthenticated Administrative User Creation
First published: Thu Apr 10 2025(Updated: )
The SureTriggers: All-in-One Automation Platform plugin for WordPress is vulnerable to an authentication bypass leading to administrative account creation due to a missing empty value check on the 'secret_key' value in the 'autheticate_user' function in all versions up to, and including, 1.0.78. This makes it possible for unauthenticated attackers to create administrator accounts on the target website when the plugin is installed and activated but not configured with an API key.
Credit: security@wordfence.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SureTriggers: All-in-One Automation Platform | <=1.0.78 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.bleepingcomputer.com/news/security/hackers-exploit-wordpress-plugin-auth-bypass-hours-after-disclosure/
- https://plugins.trac.wordpress.org/browser/suretriggers/trunk/src/Controllers/RestController.php#L59
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3266499%40suretriggers%2Ftrunk&old=3264905%40suretriggers%2Ftrunk&sfp_email=&sfph_mail=
- https://www.wordfence.com/threat-intel/vulnerabilities/id/ec017311-f150-4a14-a4b4-b5634f574e2b?source=cve
- https://www.bleepingcomputer.com/news/security/hackers-exploit-ottokit-wordpress-plugin-flaw-to-add-admin-accounts/
Frequently Asked Questions
What is the severity of CVE-2025-3102?
CVE-2025-3102 is considered a critical vulnerability due to its potential for administrative account creation via authentication bypass.
How do I fix CVE-2025-3102?
To fix CVE-2025-3102, update the SureTriggers: All-in-One Automation Platform plugin to version 1.0.79 or later.
Who is affected by CVE-2025-3102?
All versions of the SureTriggers: All-in-One Automation Platform plugin for WordPress up to and including 1.0.78 are affected by CVE-2025-3102.
What kind of attack can exploit CVE-2025-3102?
CVE-2025-3102 can be exploited to create unauthorized administrative accounts through an authentication bypass.
What is the function that contains the vulnerability in CVE-2025-3102?
The vulnerability in CVE-2025-3102 is found in the 'authenticate_user' function, which lacks an empty value check for the 'secret_key' parameter.
- agent/weakness
- agent/title
- agent/first-publish-date
- agent/type
- agent/description
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/author
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2025-3102
- agent/references
- agent/source
- agent/severity
- agent/event
- agent/trending
- agent/tags
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- alias/CVE-2025-27007
- agent/news-ai
- exploited/true
- vendor/suretriggers
- canonical/suretriggers: all-in-one automation platform