WordPress Plugin Vulnerabilities

SureTriggers < 1.0.83 - Unauthenticated Privilege Escalation

Description

The plugin is vulnerable to Privilege Escalation due to the create_wp_connection() function missing a capability check. This makes it possible for unauthenticated attackers to establish a connection, which ultimately can make privilege escalation possible when the blog never had any application password set at all.

Proof of Concept

Affects Plugins

Plugin icon
suretriggers
Fixed in 1.0.83

References

CVE
CVE-2025-27007
URL
https://patchstack.com/database/wordpress/plugin/suretriggers/vulnerability/wordpress-suretriggers-1-0-82-privilege-escalation-vulnerability

Classification

Type
PRIVESC
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-269
CVSS
9.8 (critical)

Miscellaneous

Original Researcher
Denver Jackson
Verified
Yes
WPVDB ID
036554f5-253a-45b5-8c2c-4e34094f5859

Timeline

Publicly Published
2025-04-30 (about 11 months ago)
Added
2025-05-05 (about 10 months ago)
Last Updated
2026-01-23 (about 2 months ago)

Other

Published
Title
Published
2025-05-22
Title
Simple Business Directory Pro <= 15.4.8 - Unauthenticated Privilege Escalation
Published
2024-04-25
Title
Barcode Scanner with Inventory & Order Manager < 1.5.4 - Unauthenticated Privilege Escalation
Published
2024-09-13
Title
Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) < 2.8.12 - Authenticated (Contributor+) Privilege Escalation
Published
2025-03-18
Title
Service Finder Bookings < 5.1 - Unauthenticated Privilege Escalation via Account Takeover
Published
2020-11-09
Title
Ultimate Member < 2.1.12 - Authenticated Privilege Escalation via Profile Update