Authentication Bypass Vulnerability in SureTriggers Automation Platform Plugin for WordPress
CVE-2025-3102

8.1 HIGH

Key Information:

Vendor: Brainstormforce
Product: Ottokit: All-in-one Automation Platform (formerly Suretriggers)
CVE Published: 10 April 2025

Badges

Score: 1,050 | Exploit Exists | News Worthy

What is CVE-2025-3102?

CVE-2025-3102 is a vulnerability identified in the SureTriggers Automation Platform plugin for WordPress, developed by Brainstormforce. This plugin is designed to streamline automation processes within WordPress sites. The vulnerability presents a significant risk by allowing unauthenticated attackers to create administrator accounts without prior authentication. This security flaw results from a missing check in the software's code, specifically in how it handles an empty value for a critical parameter. If exploited, this could enable malicious actors to take complete control of affected WordPress sites, potentially leading to severe operational and security consequences for organizations.

Technical Details

The vulnerability stems from a flaw in the 'authenticate_user' function of the SureTriggers plugin, which never checks whether the 'secret_key' value is empty. This oversight affects all versions of the plugin up to and including 1.0.78. Because the plugin does not require an API key for operation, a site can be running it with no key configured, and attackers can leverage the missing check to bypass the authentication mechanism completely. Once an attacker establishes an administrator account, they gain unrestricted access, allowing them to modify site content, manage user accounts, and carry out further malicious activity.
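As an added illustration, not the plugin's own code, the following hypothetical WordPress REST permission callback shows the class of check the page describes as missing next to a hardened version. The option name, header name, route and handler name are assumptions made for the example.

```php
<?php
// Hypothetical illustration, not OttoKit/SureTriggers source: a REST
// permission callback that validates a shared secret sent in a header.
// Option name and header name are assumptions for this example.

// Weak pattern: if no API key was ever configured, get_option() returns
// the empty default, and an absent header also yields an empty string,
// so '' === '' passes and the caller is treated as authenticated.
function authenticate_user_weak( WP_REST_Request $request ) {
    $stored_key   = get_option( 'example_plugin_secret_key', '' );
    $provided_key = (string) $request->get_header( 'x-example-secret-key' );
    return $stored_key === $provided_key; // true when both are empty
}

// Hardened pattern: refuse when either side is empty (no key configured
// means nothing can be authenticated), then compare in constant time.
function authenticate_user_hardened( WP_REST_Request $request ) {
    $stored_key   = (string) get_option( 'example_plugin_secret_key', '' );
    $provided_key = (string) $request->get_header( 'x-example-secret-key' );

    if ( '' === $stored_key || '' === $provided_key ) {
        return new WP_Error(
            'rest_forbidden',
            'API key not configured or not supplied.',
            array( 'status' => 403 )
        );
    }
    if ( ! hash_equals( $stored_key, $provided_key ) ) {
        return new WP_Error( 'rest_forbidden', 'Invalid API key.', array( 'status' => 403 ) );
    }
    return true;
}

// Assumed route registration: the permission callback is what keeps
// unauthenticated callers away from privileged actions such as user
// creation. 'example_plugin_run_action' is a placeholder handler.
add_action( 'rest_api_init', function () {
    register_rest_route( 'example-plugin/v1', '/automation/action', array(
        'methods'             => 'POST',
        'callback'            => 'example_plugin_run_action',
        'permission_callback' => 'authenticate_user_hardened',
    ) );
} );
```

Defenders reviewing a plugin can look for the same weakness in any permission_callback that compares a stored option to request input without first rejecting empty values.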

Potential Impact of CVE-2025-3102

  1. Unauthorized Administrative Access: Attackers can create an administrator account without authentication, granting them full control over the affected WordPress site. This access facilitates a range of malicious activities, including data theft, content manipulation, and site defacement.

  2. Data Breaches: With administrative rights, cybercriminals could exfiltrate sensitive data stored within the WordPress site, including user information and proprietary content. This raises concerns about compliance violations and customer trust.

  3. Malware Deployment: The vulnerability could serve as an entry point for deploying malware or ransomware onto the site or its users. Compromised sites can be leveraged to spread further attacks, thereby increasing the risk for broader cybersecurity incidents.

Affected Version(s)

  • OttoKit: All-in-One Automation Platform (Formerly SureTriggers): versions <= 1.0.78

News Articles

OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation

A critical OttoKit plugin flaw CVE-2025-3102 exploited within hours lets attackers create admin accounts unchecked.

3 weeks ago

References

CVSS V3.1

Score: 8.1
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Exploit known to exist

  • First article discovered by The Hacker News

  • Vulnerability published

  • Vulnerability reserved

Credit

Michael Mazzolini