What is CVE-2025-24738?

A Cross-Site Request Forgery (CSRF) vulnerability exists in the Call Now Button plugin for WordPress, impacting versions up to 1.4.13. Organizations should prioritize patching to mitigate potential security risks.

What is the severity of CVE-2025-24738?

CVE-2025-24738 has a severity rating of MEDIUM with a CVSS base score of 4.3.

CVE-2025-24738 | Medium Vulnerability in Jerry Rietveld Call Now Button

A Cross-Site Request Forgery (CSRF) vulnerability in the Jerry Rietveld Call Now Button plugin allows attackers to perform actions on behalf of authenticated users without their consent. This issue affects all versions of the Call Now Button plugin from n/a through version 1.4.13. The CVSS score for this vulnerability is 4.3, indicating a medium severity level, which necessitates attention to mitigate potential risks.

Risk to organizations includes unauthorized actions being executed on behalf of legitimate users, potentially leading to data exposure or manipulation. Given that this vulnerability requires user interaction to exploit, its exploitation may be limited, but it still poses a significant risk, particularly if users are misled into performing harmful actions.

Organizations should prioritize patching immediately as part of their security measures to prevent exploitation. The vulnerability was published on January 24, 2025, and remains in a deferred status, indicating that it has not yet been fully addressed by all affected parties.

At present, there is no known public exploit or proof of concept available, but organizations should remain vigilant and apply recommended updates as they become available.

Vulnerability Details

This vulnerability allows Cross-Site Request Forgery (CSRF) in the Call Now Button plugin, which is utilized in WordPress. The CVSS score of 4.3 designates it as medium severity due to its potential for unauthorized actions when exploited.

The vulnerability impacts versions up to 1.4.13 of the plugin, and it has a CWE classification of CWE-352. The publication date for this vulnerability was January 24, 2025.

Technical Analysis

The root cause of the vulnerability lies in inadequate validation of requests, which allows attackers to trick users into issuing requests that they did not intend. The attack vector is classified as NETWORK, with low complexity and no privileges required for exploitation. User interaction is required to trigger the CSRF attack.

The impact is primarily on availability, indicating that while there is no confidentiality or integrity impact, the user may be manipulated into performing unwanted actions, which can affect the overall user experience.

Risk & Impact Analysis

Organizations using the Call Now Button plugin should be aware of the potential risks associated with this vulnerability. While it requires user interaction to exploit, the possibility of unauthorized actions raises concerns about user trust and data integrity. The risk is amplified if users are unaware of the vulnerability.

Given the CVSS score of 4.3, organizations should address the vulnerability in their priority patch cycle. The potential for exploitation, though currently low, can lead to significant consequences if not managed properly.

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

The affected versions of the Call Now Button plugin are from n/a through version 1.4.13. Organizations using these versions should take immediate action to mitigate the vulnerability.

Mitigation & Remediation

Organizations should upgrade to the latest version of the Call Now Button plugin to address this vulnerability. Regular updates and patches are essential for maintaining security. If immediate patching is not possible, consider disabling the plugin temporarily until the issue is resolved.

Additionally, organizations can implement web application firewalls and monitor for unusual user behavior to mitigate the potential impact of this vulnerability.

Detection Guidance

To detect potential exploitation of this vulnerability, organizations should monitor logs for unusual requests that may indicate CSRF attempts. Look for patterns of unexpected user actions that could suggest an attacker is manipulating authenticated sessions.

AppSecure Threat Intelligence Insight

This vulnerability illustrates the ongoing risk of CSRF attacks in web applications. Organizations must remain vigilant and proactive in implementing security measures to protect against such vulnerabilities. For further information on vulnerability management best practices, consult our vulnerability management program and consider adopting a comprehensive approach to application security, including regular penetration testing and security assessments.

As the threat landscape evolves, organizations should also explore penetration testing methodologies to identify and address potential vulnerabilities before they can be exploited.

This case underscores the importance of maintaining awareness of known vulnerabilities in widely used plugins, like the Call Now Button, and taking timely action to remediate them.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2025-24738: Medium Vulnerability in Jerry Rietveld Call Now Button