CVE-2025-31410
📋 TL;DR
A Cross-Site Request Forgery (CSRF) vulnerability in the WP Church Donation WordPress plugin allows attackers to trick authenticated administrators into performing unintended actions. This affects WordPress sites using WP Church Donation plugin versions up to 1.7. The vulnerability requires an attacker to lure an authenticated user to a malicious page.
💻 Affected Systems
- WP Church Donation WordPress Plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
An attacker could trick an administrator into changing plugin settings, modifying donation configurations, or potentially performing administrative actions that affect donation functionality.
Likely Case
Attackers could modify donation settings, change payment configurations, or alter plugin behavior without the administrator's knowledge.
If Mitigated
With proper CSRF protections and user awareness, the risk is significantly reduced as exploitation requires user interaction with malicious content.
🎯 Exploit Status
Exploitation requires the attacker to trick an authenticated administrator into visiting a malicious webpage while logged into WordPress.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Version after 1.7 (check for latest update)
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Navigate to Plugins → Installed Plugins. 3. Find 'WP Church Donation' and check for updates. 4. If update available, click 'Update Now'. 5. Verify plugin is updated to latest version.
🔧 Temporary Workarounds
Implement CSRF Protection Headers
allAdd Content Security Policy headers to help prevent CSRF attacks
Add to .htaccess: Header set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'"
Temporary Plugin Deactivation
linuxDisable the plugin until patched if donation functionality is not critical
wp plugin deactivate wp-church-donation
🧯 If You Can't Patch
- Implement strict access controls and limit administrative access to trusted networks only
- Educate administrators about CSRF risks and safe browsing practices when logged into WordPress
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin → Plugins → Installed Plugins for WP Church Donation version. If version is 1.7 or earlier, you are vulnerable.Check Version:
wp plugin get wp-church-donation --field=versionVerify Fix Applied:
After updating, verify the plugin version is higher than 1.7 in WordPress admin panel.📡 Detection & Monitoring
Log Indicators:
- Unusual plugin configuration changes in WordPress logs
- Multiple failed CSRF token validations
Network Indicators:
- HTTP POST requests to wp-admin/admin-ajax.php without proper referrer headers
- Requests from unexpected sources to plugin endpoints
SIEM Query:
source="wordpress.log" AND ("wp-church-donation" OR "admin-ajax.php") AND ("action=" OR "settings_changed")