
20 matches found

NVD
added 2026/02/19 7:17 a.m. · 4 views

CVE-2025-13851

The Buyent Classified plugin for WordPress bundled with Buyent theme is vulnerable to privilege escalation via user registration in all versions up to, and including, 1.0.7. This is due to the plugin not validating or restricting the user role during registration via the REST API endpoint. This...

9.8 CVSS · 0.00109 EPSS
Exploits 0 · References 2
Cvelist
added 2026/02/19 4:36 a.m. · 25 views

CVE-2025-13851 Buyent Theme (with Buyent Classified Plugin) <= 1.0.7 - Unauthenticated Privilege Escalation via User Registration

The Buyent Classified plugin for WordPress bundled with Buyent theme is vulnerable to privilege escalation via user registration in all versions up to, and including, 1.0.7. This is due to the plugin not validating or restricting the user role during registration via the REST API endpoint. This...

9.8 CVSS · 0.00109 EPSS
Exploits 0 · References 2
Positive Technologies
added 2026/02/19 12:0 a.m. · 3 views

PT-2026-20608

Name of the Vulnerable Software and Affected Versions: Buyent Classified plugin for WordPress versions up to and including 1.0.7 Description: The Buyent Classified plugin for WordPress, when bundled with the Buyent theme, has a flaw that allows unauthorized privilege escalation through the user...

9.8 CVSS · 6 AI score · 0.00109 EPSS
Exploits 0 · References 7
RedhatCVE
added 2025/12/16 2:49 p.m. · 9 views

CVE-2025-14156

The Fox LMS – WordPress LMS Plugin plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.0.5.1. This is due to the plugin not properly validating the 'role' parameter when creating new users via the /fox-lms/v1/payments/create-order REST API endpoint...

9.8 CVSS · 6.3 AI score · 0.00356 EPSS
Exploits 1 · References 1
Vulnrichment
added 2025/12/15 2:25 p.m. · 7 views

CVE-2025-14156 Fox LMS – WordPress LMS Plugin 1.0.4.7 - 1.0.5.1 - Unauthenticated Privilege Escalation via 'createOrder'

The Fox LMS – WordPress LMS Plugin plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.0.5.1. This is due to the plugin not properly validating the 'role' parameter when creating new users via the /fox-lms/v1/payments/create-order REST API endpoint...

9.8 CVSS · 6 AI score · 0.00356 EPSS
Exploits 1 · References 2
Positive Technologies
added 2025/01/23 12:0 a.m. · 2 views

PT-2025-5336 · Directus · Directus

Name of the Vulnerable Software and Affected Versions: Directus versions prior to 11.2.0 Description: The issue allows a typical user to specify an arbitrary role when sharing an item, enabling them to use a higher-privileged role to view fields they should not be able to see. This affects...

5 CVSS · 7.2 AI score · 0.00347 EPSS
Exploits 1 · References 12
CNNVD
added 2025/01/23 12:0 a.m. · 2 views

Directus Security Vulnerability

Directus is a real-time API and application dashboard open-sourced by Directus. It is used to manage SQL database content. A security vulnerability exists in Directus versions prior to 11.2.0 that stems from the ability of a user to specify arbitrary roles when sharing a project, resulting in a...

5 CVSS · 6.5 AI score · 0.00347 EPSS
Exploits 1 · References 6
OSV
added 2023/06/08 8:15 p.m. · 14 views

CVE-2023-32749

Pydio Cells allows users by default to create so-called external users in order to share files with them. By modifying the HTTP request sent when creating such an external user, it is possible to assign the new user arbitrary roles. By assigning all roles to a newly created user, access to all...

8.8 CVSS · 7.1 AI score
Exploits 0 · References 4
NVD
added 2023/06/08 8:15 p.m. · 17 views

CVE-2023-32749

Pydio Cells allows users by default to create so-called external users in order to share files with them. By modifying the HTTP request sent when creating such an external user, it is possible to assign the new user arbitrary roles. By assigning all roles to a newly created user, access to all...

8.8 CVSS · 8.7 AI score · 0.53811 EPSS
Exploits 6 · References 4
CVE
added 2023/06/08 12:0 a.m. · 52 views

CVE-2023-32749

CVE-2023-32749 affects Pydio Cells. An attacker can modify the HTTP request when creating external users, permitting assignment of arbitrary roles to the new account. If all roles are granted, the attacker gains access to all cells and non-personal workspaces. Documented impact is privilege escal...

8.8 CVSS · 8.5 AI score · 0.53811 EPSS
Exploits 6 · References 4 · Affected Software 1
Cvelist
added 2023/06/08 12:0 a.m. · 17 views

CVE-2023-32749

Pydio Cells allows users by default to create so-called external users in order to share files with them. By modifying the HTTP request sent when creating such an external user, it is possible to assign the new user arbitrary roles. By assigning all roles to a newly created user, access to all...

8.8 AI score · 0.53811 EPSS
Exploits 6 · References 4
Positive Technologies
added 2023/05/30 12:0 a.m. · 2 views

PT-2023-23997 · Pydio · Pydio Cells

Name of the Vulnerable Software and Affected Versions: Pydio Cells affected versions not specified Description: The issue allows users to assign arbitrary roles to newly created external users by modifying the HTTP request during the creation process. This can grant access to all cells and...

8.8 CVSS · 7 AI score · 0.53811 EPSS
Exploits 6 · References 9
OSV
added 2022/12/12 6:15 p.m. · 0 views

CVE-2022-4016

The Booster for WooCommerce WordPress plugin before 5.6.7, Booster Plus for WooCommerce WordPress plugin before 5.6.6, Booster Elite for WooCommerce WordPress plugin before 1.1.8 does not properly check for CSRF when creating and deleting Customer roles, allowing attackers to make logged admins...

6.5 CVSS · 5.9 AI score
Exploits 0 · References 1
CNVD
added 2022/11/23 12:0 a.m. · 17 views

WordPress WP User Frontend Authorization Issue Vulnerability

WP User Frontend is a WordPress plugin for user frontend posting and submission. An authorization issue vulnerability exists in WordPress WP User Frontend versions prior to 3.5.29. The vulnerability stems from improper privilege management and can be exploited by an attacker to create accounts wi...

9.8 CVSS · 9.4 AI score · 0.00431 EPSS
Exploits 2 · References 1
NVD
added 2021/04/05 7:15 p.m. · 17 views

CVE-2021-24175

The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.7 was being actively exploited by malicious actors to bypass authentication, allowing unauthenticated users to log in as any user including admin by just providing the related username, as well as create accounts with...

9.8 CVSS · 0.89621 EPSS
Exploits 3 · References 3
OSV
added 2021/04/05 7:15 p.m. · 0 views

CVE-2021-24175

The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.7 was being actively exploited by malicious actors to bypass authentication, allowing unauthenticated users to log in as any user including admin by just providing the related username, as well as create accounts with...

9.8 CVSS · 7.4 AI score
Exploits 0 · References 3
Cvelist
added 2021/04/05 6:27 p.m. · 20 views

CVE-2021-24175 The Plus Addons for Elementor Page Builder < 4.1.7 - Authentication Bypass

The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.7 was being actively exploited by malicious actors to bypass authentication, allowing unauthenticated users to log in as any user including admin by just providing the related username, as well as create accounts with...

9.8 AI score · 0.89621 EPSS
Exploits 3 · References 3
CNNVD
added 2021/04/05 12:0 a.m. · 5 views

WordPress Elementor Page Builder Authorization Issue Vulnerability

Elementor is a WordPress page builder from the Elementor team that offers a variety of design elements and supports custom templates and more. Elementor Page Builder WordPress plugin before 4.1.7 suffers from a security vulnerability that allows unauthenticated users to log in to any user includi...

9.8 CVSS · 8.4 AI score · 0.89621 EPSS
Exploits 3 · References 4
Prion
added 2020/03/13 4:15 p.m. · 12 views

Information disclosure

The popup-builder plugin before 3.64.1 for WordPress allows information disclosure and settings modification, leading to in-scope privilege escalation via admin-post actions to com/classes/Actions.php. By sending a POST request to wp-admin/admin-post.php, an authenticated attacker with minimal...

6.5 CVSS · 6.4 AI score · 0.00461 EPSS
Exploits 1 · References 2 · Affected Software 1
0day.today
added 2018/05/07 12:0 a.m. · 38 views

WordPress User Role Editor Plugin < 4.25 - Privilege Escalation Exploit

Exploit for php platform in category web applications This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress User Role Editor Plugin Privilege Escalation', 'Description' = %q The WordPress...

0.3 AI score
Exploits 0