CVE-2025-12732

MEDIUM
Published November 12, 2025
CISO Take

Any WordPress site running WP Import plugin with an OpenAI API key configured is leaking that key to any authenticated user with Author-level access or above — no exploit sophistication required. Rotate your OpenAI API keys immediately, set spending limits in your OpenAI dashboard, and update or disable the plugin. Audit your WordPress user roster for unnecessary Author+ accounts.

Severity & Risk

CVSS 3.1
4.3 / 10
EPSS
N/A
KEV Status
Not in KEV
Sophistication
Trivial

Recommended Action

  1. Immediately revoke and reissue any OpenAI API keys configured in WP Import plugin — assume compromise if you cannot confirm no unauthorized Author+ access.
  2. Update WP Import to a patched version above 7.33.
  3. Set hard spending limits and usage alerts on your OpenAI account as a blast-radius control.
  4. Review OpenAI API usage logs for anomalous call volumes or unexpected model usage.
  5. Audit WordPress user accounts — remove or downgrade unnecessary Author+ roles.
  6. Scope API keys to minimum required permissions and consider per-environment key rotation.
  7. Detection: alert on OpenAI API calls from unexpected IP ranges or at unusual hours.

Classification

Compliance Impact

This CVE is relevant to:

EU AI Act
Article 9 - Risk Management System
ISO 42001
A.6.2.6 - Information security in AI system development
A.9.3 - AI system access control
NIST AI RMF
GOVERN-6.2 - Policies, processes, procedures, and practices across the organization
MANAGE-2.4 - Risks are addressed via mechanisms such as updating or retiring AI systems
OWASP LLM Top 10
LLM02:2025 - Sensitive Information Disclosure
LLM10:2025 - Unbounded Consumption

Technical Details

NVD Description

The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to unauthorized access of sensitive information due to a missing authorization check on the showsetting() function in all versions up to, and including, 7.33. This makes it possible for authenticated attackers, with Author-level access or higher, to extract sensitive information including OpenAI API keys configured through the plugin's admin interface.
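
The bug class described above, shown as an added illustration rather than the plugin's own code: a WordPress AJAX settings handler with the same missing-authorization shape, beside a hardened version that adds a nonce check, a capability check, and masking of the stored key. Hook names, option names and the nonce action are hypothetical.

```php
<?php
// Added example, not code from WP Import. The wp_ajax_ hook only requires
// that a user be logged in, so any Author-level user can reach the handler
// unless the handler itself checks capabilities.

// VULNERABLE PATTERN: no capability check, raw settings returned as-is.
function wpimport_example_showsetting_vulnerable() {
    $settings = get_option( 'wpimport_example_settings', array() );
    wp_send_json_success( $settings ); // leaks 'openai_api_key' in plaintext
}

// HARDENED PATTERN: CSRF nonce, admin-only capability, and the secret is
// never echoed back in full, even to an administrator.
function wpimport_example_showsetting_hardened() {
    check_ajax_referer( 'wpimport_example_settings', 'nonce' ); // dies on bad nonce
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient permissions.' ), 403 );
    }
    $settings = get_option( 'wpimport_example_settings', array() );
    if ( isset( $settings['openai_api_key'] ) ) {
        $settings['openai_api_key'] = wpimport_example_mask_secret( $settings['openai_api_key'] );
    }
    wp_send_json_success( $settings );
}

// Return only the last four characters so an admin can recognise which key is set.
function wpimport_example_mask_secret( $secret ) {
    $len = strlen( $secret );
    if ( $len <= 4 ) {
        return str_repeat( '*', $len );
    }
    return str_repeat( '*', $len - 4 ) . substr( $secret, -4 );
}

// Only the hardened handler is registered; the vulnerable one is kept for contrast.
add_action( 'wp_ajax_wpimport_example_showsetting', 'wpimport_example_showsetting_hardened' );
```

When auditing a plugin, grep every `wp_ajax_` and `admin_post_` callback for a `current_user_can()` call before any read of sensitive options; a handler that reaches `get_option()` without one is the pattern this CVE describes.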

Exploitation Scenario

An attacker registers a free account on a WordPress site (or compromises an existing low-privilege contributor account). They craft a direct HTTP request to the vulnerable showsetting() endpoint — no special tooling required, just an authenticated session cookie. The endpoint returns admin plugin configuration including the plaintext OpenAI API key. The attacker then uses this key externally to run GPT-4 or DALL-E queries at the victim's expense, or resells the key on underground markets. A financially motivated adversary could systematically scan WordPress sites running this plugin, extract keys at scale, and run a cost-harvesting operation before the victim notices unusual billing.

Weaknesses (CWE)

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Timeline

Published
November 12, 2025
Last Modified
November 12, 2025
First Seen
November 12, 2025