CVE-2025-15018

Sažetak

The Optional Email plugin for WordPress is vulnerable to Privilege Escalation via Account Takeover in all versions up to, and including, 1.3.11. This is due to the plugin not restricting its 'random_password' filter to registration contexts, allowing the filter to affect password reset key generation. This makes it possible for unauthenticated attackers to set a known password reset key when initiating a password reset, reset the password of any user including administrators, and gain access to their accounts.

Reference

https://plugins.trac.wordpress.org/browser/optional-email/tags/1.3.11/optional-email.php?marks=44,51#L44
https://www.wordfence.com/threat-intel/vulnerabilities/id/ff4243e9-cf72-40d5-bc7d-204426024a1d?source=cve

CVSS

Base:	9.8
Impact:	5.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

07-01-2026 - 12:16

Objavljeno

07-01-2026 - 12:16