Description

The Simple History plugin for WordPress is vulnerable to sensitive data exposure via Detective Mode due to improper sanitization within the append_debug_info_to_context() function in versions prior to 5.8.1. When Detective Mode is enabled, the plugin’s logger captures the entire contents of $_POST (and sometimes raw request bodies or $_GET) without redacting any password‐related keys. As a result, whenever a user submits a login form, whether via native wp_login or a third‐party login widget, their actual password is written in clear text into the logs. An authenticated attacker or any user whose actions generate a login event will have their password recorded; an administrator (or anyone with database read access) can then read those logs and retrieve every captured password.

Classification

CVE ID: CVE-2025-5760

CVSS Base Severity: MEDIUM

CVSS Base Score: 4.9

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Affected Products

Vendor: eskapism

Product: Simple History – Track, Log, and Audit WordPress Changes

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.03% (probability of being exploited)

EPSS Percentile: 7.78% (scored less or equal to compared to others)

EPSS Date: 2025-06-06 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-5760
https://www.wordfence.com/threat-intel/vulnerabilities/id/b6364415-da02-4236-b635-d8fbd27faa33?source=cve
https://simple-history.com/support/detective-mode/
https://wordpress.org/plugins/simple-history/#developers
https://github.com/bonny/WordPress-Simple-History/issues/546
https://github.com/bonny/WordPress-Simple-History/commit/68eab0cab6882eafef4bfece884093eeda5ac018
https://wordpress.org/support/topic/security-vulnerability-passwords-stored-as-plain-text-in-logs/
https://plugins.trac.wordpress.org/changeset/3267487/

Timeline