Vulnerability Description
This admin plugin for Grav is an HTML user interface that provides a convenient way to configure Grav and easily create and modify pages. Prior to 1.11.0-beta.1, the plugin's "Forgot Password" functionality at /admin/forgot leaks information about valid usernames and their associated email addresses through distinct server responses: the reply for a username that exists differs from the reply for one that does not. An attacker can use this to enumerate valid accounts and disclose their email addresses, which can then be leveraged for targeted attacks such as password spraying, phishing, or social engineering. The vulnerability is fixed in 1.11.0-beta.1.
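The following is an added example, not code from the Grav project or from the advisory. It models the response-discrepancy pattern the description refers to (a forgot-password handler whose status and message depend on whether the username exists, and whose success message echoes the account's email) next to a hardened handler that answers identically either way, and it shows the check a tester would run against such an endpoint. The user store, message strings, status codes and per-request token format are constructed assumptions; Grav's actual responses are not quoted on this page.

```python
"""Added example (not Grav's code): user-enumeration response discrepancy.

Everything below (users, messages, status codes, token format) is a
constructed assumption for illustration, not the plugin's real behaviour.
"""
import hashlib
import re
import secrets
from dataclasses import dataclass

# Constructed sample user store (hypothetical data, not from the page).
USERS = {"admin": "admin@example.test", "editor": "editor@example.test"}

# Records the addresses a handler "sent" to, so the side effect is visible.
OUTBOX: list[str] = []


@dataclass
class Response:
    status: int
    body: str


def render(message: str) -> str:
    """Wrap a message in a form carrying a fresh per-request token, as a real
    page would (a CSRF nonce). This is why naive byte-for-byte comparison of
    two responses is unreliable: even identical pages differ in the token."""
    return (f"<form><input type='hidden' name='csrf' "
            f"value='{secrets.token_hex(16)}'>{message}</form>")


def send_reset_email(email: str) -> None:
    OUTBOX.append(email)


def forgot_vulnerable(username: str) -> Response:
    """Vulnerable pattern: status and message depend on whether the username
    exists, and the success message discloses the account's email address."""
    email = USERS.get(username)
    if email is None:
        return Response(404, render("No user found with that username."))
    send_reset_email(email)
    return Response(200, render(f"A reset link has been sent to {email}."))


def forgot_hardened(username: str) -> Response:
    """Hardened pattern: same status and same message whether or not the
    username exists; the email address is used only server-side."""
    email = USERS.get(username)
    if email is not None:
        send_reset_email(email)
    return Response(200, render("If an account exists for that username, "
                                "a reset link has been sent."))


# Per-request nonces (runs of 32+ hex chars) are masked before comparing.
TOKEN_RE = re.compile(r"[0-9a-f]{32,}")
EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")


def fingerprint(resp: Response) -> str:
    """Status code plus a hash of the token-normalised body."""
    body = TOKEN_RE.sub("<token>", resp.body)
    return f"{resp.status}:{hashlib.sha256(body.encode()).hexdigest()}"


def is_enumerable(handler, probe: str) -> bool:
    """Tester's check: does a username believed to exist (probe) get a
    different normalised response than a surely-unknown one?"""
    control = "no-such-user-" + secrets.token_hex(8)
    return fingerprint(handler(probe)) != fingerprint(handler(control))


def enumerate_users(handler, candidates):
    """Attacker's view: compare every candidate against an unknown-username
    baseline and harvest any email address the differing response reveals.
    Returns {username: email_or_None} for the names that stood out."""
    control = "no-such-user-" + secrets.token_hex(8)
    baseline = fingerprint(handler(control))
    found = {}
    for name in candidates:
        resp = handler(name)
        if fingerprint(resp) != baseline:
            match = EMAIL_RE.search(resp.body)
            found[name] = match.group(0) if match else None
    return found


if __name__ == "__main__":
    names = ["admin", "bob", "editor"]
    print("vulnerable:", enumerate_users(forgot_vulnerable, names))
    print("hardened:  ", enumerate_users(forgot_hardened, names))
```

Two practical caveats: the fingerprint normalises only one token shape, so a real target may need additional masking (timestamps, request IDs) before two responses compare equal, and a status-plus-body comparison says nothing about timing or header differences, which can leak account existence even when the page text is uniform.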
CVSS Score
6.5 (MEDIUM)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Getgrav | Grav-Plugin-Admin | <= 1.10.50 |
Related Weaknesses (CWE)
References
- https://github.com/getgrav/grav-plugin-admin/commit/99f653296504f1d6408510dd2f6f (Patch)
- https://github.com/getgrav/grav/security/advisories/GHSA-q3qx-cp62-f6m7 (Exploit, Vendor Advisory)
FAQ
What is CVE-2025-66307?
CVE-2025-66307 is a vulnerability with a CVSS score of 6.5 (MEDIUM). This admin plugin for Grav is an HTML user interface that provides a convenient way to configure Grav and easily create and modify pages. Prior to 1.11.0-beta.1, a user enumeration and email disclosur...
How severe is CVE-2025-66307?
CVE-2025-66307 has been rated MEDIUM with a CVSS base score of 6.5/10; see the CVSS Score section above.
Is there a patch for CVE-2025-66307?
Yes. The issue is fixed in Grav Admin plugin 1.11.0-beta.1; releases up to and including 1.10.50 are affected. See the References section above for the vendor advisory and the patch commit. Affected products include: Getgrav Grav-Plugin-Admin.