CVE-2025-60188 Scanner

Atarim is a WordPress plugin used by online businesses, developers, and marketing agencies to streamline project management and client communications within the WordPress dashboard. It is specifically designed to assist in managing website feedback and tasks directly on live websites, offering a range of features to enhance collaboration. Atarim integrates seamlessly with WordPress, allowing users to leave comments and suggestions or request changes directly on the website. The plugin is used globally by website design agencies, freelancers, and digital teams to improve efficiency in project completions. It provides an intuitive interface for managing workflow, enabling users to easily track project progress and client inputs. Atarim is favored for its user-friendly setup that efficiently transforms client feedback into actionable tasks.

The Information Disclosure vulnerability within Atarim is a high-severity issue where sensitive information is exposed due to improper handling of data. This flaw allows unauthorized users to remotely access sensitive data embedded in the plugin's code, leading to potential information leaks. Attackers can exploit this vulnerability without any special privileges; thus, it poses a significant risk to user confidentiality. The vulnerability arises because of the inadequate protection measures around sensitive information, which should be internally handled by the plugin. This defect in information encapsulation could provide attackers with email addresses or user identifiers stored within the plugin's configuration. Such a vulnerability could undermine user trust and lead to data privacy concerns.

Technical details of the vulnerability indicate that the sensitive information is embedded within the plugin's JSON API, accessible via the endpoint /wp-json/atarim/v1/db/vc'. The flaws in data management expose identifiers like 'wpf_site_id' and 'notify_user', which can be extracted using simple string matches in HTTP responses. The vulnerability is exploited through a GET request that retrieves important details, such as the username and site ID, due to the improper sanitization of the responses. This allows attackers to gain insights into user and site information without authentication, emphasizing the need for improved data management practices. These issues typically emerge from the lack of input validation and data-layer security measures, presenting a straightforward attack vector for attackers.

When exploited, the Information Disclosure vulnerability could lead to unauthorized access to sensitive data, compromising personal identifiers and site-related information. Such exploitation could result in user privacy violations where attackers retrieve confidential data. Users could face a broad range of issues, from spam to more severe data breaches, affecting the integrity and confidentiality of the data. This vulnerability could be particularly problematic in an environment where data protection is crucial, impacting businesses extensively. Additionally, it could escalate to more significant security breaches if the exposed data is leveraged for further exploitation. Failure to mitigate this vulnerability may amplify security risks across the affected environments.

REFERENCES

• https://github.com/m4sh-wacker/CVE-2025-60188-Atarim-Plugin-Exploit