Missing Authorization Vulnerability in WP Messiah Ai Image Alt Text Generator for WordPress
CVE-2025-32217

5.4MEDIUM

Key Information:

Vendor

WordPress
Status
Ai Image Alt Text Generator For WP
Vendor
CVE Published:
4 April 2025

What is CVE-2025-32217?

The WP Messiah Ai Image Alt Text Generator for WordPress exposes a missing authorization vulnerability due to improperly configured access control security levels. This imperfection enables unauthorized access to features within the plugin, risking sensitive data exposure and potential exploitation by malicious actors. Users running versions from n/a to 1.0.8 should ensure their installation is updated to safeguard against unauthorized access.

Affected Version(s)

Ai Image Alt Text Generator for WP <= 1.0.8

References

https://patchstack.com/database/wordpress/plugin/ai-image...
vdb-entry

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Peter Thaleikis (Patchstack Alliance)
.