CVE-2025-13559

Affected software: WordPress EduKart Pro plugin (versions up to 1.0.3). Root cause: The function edukart_pro_register_user_front_end does not restrict permissible registration roles, enabling an unauthenticated user to register as an administrator. Impact: Privilege escalation to full administrat...