Three Critical Vulnerabilities in WordPress (CVE-2025-6688, CVE-2024-12827, CVE-2025-4334)

Published On: Jun 30, 2025 12:50

Advisory No: TZCERT-SA-25-0104

Source: Wordfence

Software Affected: simple-payment, dwt-listing, wp-registration

Overview

WordPress plugins are affected by critical vulnerabilities. Exploitation of these vulnerabilities may allow an unauthenticated attacker to bypass security controls.

Description

WordPress plugins wp-email-debug, hypercomments, golo, psw-login-and-registration, profitori, real-time-validation-for-gravity-forms, affs, and wp-pipes are affected by the vulnerabilities tracked as CVE-2025-6688, CVE-2024-12827, and CVE-2025-4334, each with a CVSS score of 9.8. The plugins are vulnerable because of improper verification of a user's identity before logging them in through the create_user() function, a missing check for an empty token value before resetting a user's password through the dwt_listing_reset_password() function, and insufficient restrictions on the user meta values that can be supplied during registration. Successful exploitation of these vulnerabilities allows unauthenticated attackers to change arbitrary users' passwords, including those of administrators, and leverage that to gain access to their accounts, or to register directly as an administrator.
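The three weakness classes above (logging a user in without verifying who they are, accepting an empty reset token, and letting registrants pick their own user meta) share a hardened shape. The following PHP is an added illustration written for this advisory, not code from simple-payment, dwt-listing, wp-registration, or any other plugin named here; the function names (example_reset_password, example_register_user, example_login_new_user) and the EXAMPLE_ALLOWED_META list are hypothetical, while the WordPress helpers they call (check_password_reset_key, reset_password, wp_create_user, update_user_meta, wp_set_auth_cookie) are core API.

```php
<?php
// Added illustrative code for this advisory; hypothetical function names.
// Each handler shows the check whose absence the advisory describes.

// 1. Password reset: refuse an empty token before comparing anything.
//    An empty request token must never "match" an empty or absent stored token.
function example_reset_password( $login, $token, $new_password ) {
    $login = sanitize_user( (string) $login );
    $token = (string) $token;
    if ( '' === $token || '' === $login ) {
        return new WP_Error( 'invalid_token', 'Missing reset token.' );
    }
    // Core validates the key against the stored hash and its expiry.
    $user = check_password_reset_key( $token, $login );
    if ( is_wp_error( $user ) ) {
        return $user;
    }
    // Core helper: stores the new password and clears the reset key.
    reset_password( $user, $new_password );
    return true;
}

// 2. Registration: only allow-listed meta keys are written, and the role is
//    fixed server-side, so wp_capabilities / wp_user_level from the request are dropped.
const EXAMPLE_ALLOWED_META = array( 'first_name', 'last_name', 'description' );

function example_register_user( array $request ) {
    $username = sanitize_user( $request['username'] ?? '' );
    $email    = sanitize_email( $request['email'] ?? '' );
    if ( '' === $username || ! is_email( $email ) ) {
        return new WP_Error( 'invalid_input', 'Username and e-mail are required.' );
    }
    $user_id = wp_create_user( $username, wp_generate_password(), $email );
    if ( is_wp_error( $user_id ) ) {
        return $user_id;
    }
    $user = new WP_User( $user_id );
    $user->set_role( get_option( 'default_role', 'subscriber' ) );
    foreach ( (array) ( $request['meta'] ?? array() ) as $key => $value ) {
        if ( ! in_array( $key, EXAMPLE_ALLOWED_META, true ) ) {
            continue; // anything not allow-listed is ignored, including capability keys
        }
        update_user_meta( $user_id, sanitize_key( $key ), sanitize_text_field( (string) $value ) );
    }
    return $user_id;
}

// 3. Post-registration login: only the account created in this same request is
//    logged in. The caller passes the id returned by wp_create_user(); an id,
//    login, or e-mail taken from the request body is never trusted here.
function example_login_new_user( $created_user_id ) {
    $user = get_user_by( 'id', (int) $created_user_id );
    if ( ! $user ) {
        return new WP_Error( 'no_user', 'Account not found.' );
    }
    if ( $user->has_cap( 'manage_options' ) ) {
        // A self-service flow must never hand out an administrator session.
        return new WP_Error( 'refused', 'Login refused.' );
    }
    wp_set_current_user( $user->ID );
    wp_set_auth_cookie( $user->ID );
    return true;
}
```

When reviewing a plugin for these bug classes, the three things to look for mirror the three handlers: a reset path that compares tokens without first rejecting an empty value, a registration path that iterates request fields straight into update_user_meta() (or lets the request choose the role), and a login path that calls wp_set_auth_cookie() on an identity taken from the request rather than from the account just created.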

Impact

Successful exploitation of these vulnerabilities may allow an attacker to gain administrative access into the affected system.

Solution

WordPress has released security patches for these vulnerabilities. Users and administrators are encouraged to apply the necessary updates.
