Platform
wordpress
Component
bmlt-wordpress-satellite-plugin
Fixed in
3.11.5
3.11.5
A Cross-Site Request Forgery (CSRF) vulnerability exists in the BMLT WordPress Satellite plugin for WordPress. This flaw, present in versions up to and including 3.11.4, stems from insufficient nonce validation during the creation and deletion of plugin options. Successful exploitation allows unauthenticated attackers to manipulate plugin settings by tricking a site administrator into performing malicious actions.
The primary impact of this CSRF vulnerability is the ability for an attacker to modify the BMLT WordPress Satellite plugin's configuration without authentication. By crafting malicious links or forms, an attacker can induce a site administrator to unknowingly execute actions that create or delete plugin options. This could lead to unauthorized changes in plugin behavior, potentially impacting site functionality or exposing sensitive data. While the direct data at risk is limited to plugin-specific settings, the ability to alter plugin behavior could have broader consequences depending on the plugin's functionality and integration with other site components. This vulnerability shares similarities with other CSRF exploits where user interaction is required to trigger the malicious action.
CVE-2025-14162 was publicly disclosed on December 11, 2025. There is no indication of this vulnerability being actively exploited in the wild at this time. The EPSS score is likely to be low to medium, given the requirement for user interaction (tricking an administrator) and the relatively limited scope of potential impact. No public proof-of-concept exploits have been identified as of the disclosure date.
Exploit Status
EPSS
0.02% (3% percentile)
CISA SSVC
CVSS Vector
The recommended mitigation is to immediately upgrade the BMLT WordPress Satellite plugin to a version newer than 3.11.4, where the vulnerability has been addressed. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider implementing a Web Application Firewall (WAF) with CSRF protection rules to filter out malicious requests. Additionally, ensure that all administrator accounts have strong, unique passwords and that multi-factor authentication is enabled. Regularly review plugin settings for any unauthorized modifications. There are no specific Sigma or YARA rules readily available for this particular vulnerability, but generic CSRF detection rules can be applied.
No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2025-14162 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the BMLT WordPress Satellite plugin versions up to 3.11.4, allowing attackers to manipulate plugin settings.
You are affected if your WordPress site uses the BMLT WordPress Satellite plugin version 3.11.4 or earlier. Upgrade to a patched version to resolve the vulnerability.
Upgrade the BMLT WordPress Satellite plugin to a version newer than 3.11.4. Consider implementing a WAF and enabling multi-factor authentication for administrator accounts as interim measures.
As of December 11, 2025, there is no public evidence of CVE-2025-14162 being actively exploited in the wild.
Refer to the BMLT WordPress Satellite plugin's official website or WordPress plugin repository for the latest advisory and update information.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.