CVE-2025-24749
Published: 31 January 2025
Summary
CVE-2025-24749 is a high-severity CSRF (CWE-352) vulnerability. Its CVSS base score is 7.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 34.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-23 (Session Authenticity) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2025-24749 is a Cross-Site Request Forgery (CSRF) vulnerability, mapped to CWE-352, in the EZPZ SAML SP Single Sign On (SSO) WordPress plugin from Overt Software Solutions LTD. It affects all versions of the plugin from n/a through 1.2.5. The vulnerability carries a CVSS v3.1 base score of 7.1, with vector AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L, indicating network accessibility, low attack complexity, no required privileges, user interaction needed, changed scope, and low impacts across confidentiality, integrity, and availability.
An unauthenticated attacker can exploit this CSRF flaw remotely by tricking an authenticated user into submitting a malicious request, such as via a forged link or form on a malicious site. Exploitation requires user interaction but no special privileges, enabling the attacker to perform unauthorized actions on behalf of the victim within the affected WordPress site.
The Patchstack advisory (https://patchstack.com/database/wordpress/plugin/ezpz-sp/vulnerability/wordpress-ezpz-saml-sp-single-sign-on-sso-plugin-1-2-5-csrf-to-stored-xss-vulnerability?_s_id=cve) describes this as a CSRF-to-stored XSS vulnerability in EZPZ SAML SP Single Sign On (SSO) plugin version 1.2.5. Security practitioners should check for plugin updates or patches from the vendor and apply them promptly, while considering temporary mitigations like CSRF token enforcement or disabling the plugin if SAML SSO is not essential.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-3937
Vulnerability details
Cross-Site Request Forgery (CSRF) vulnerability in Overt Software Solutions LTD EZPZ SAML SP Single Sign On (SSO) allows Cross Site Request Forgery. This issue affects EZPZ SAML SP Single Sign On (SSO): from n/a through 1.2.5.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
CSRF-to-stored XSS in public-facing WordPress plugin directly enables T1190 (exploit public-facing app) and T1059.007 (JavaScript execution via XSS payload).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
SC-23 requires mechanisms such as anti-CSRF tokens to protect session authenticity, directly preventing exploitation of this CSRF vulnerability in the EZPZ SAML SP plugin.
SI-10 enforces validation of all information inputs, including CSRF tokens, to block forged requests that could lead to unauthorized actions or stored XSS via this vulnerability.
SI-2 mandates timely identification, reporting, and remediation of software flaws, enabling patching of the vulnerable EZPZ SAML SP plugin versions up to 1.2.5.