WordPress Plugin Vulnerabilities
Redux Framework < 4.5.13 - Subscriber+ Privilege Escalation to Administrator
Description
The plugin does not restrict which user meta keys can be written when saving custom profile fields, allowing users with at least the Subscriber role to escalate their privileges to Administrator by submitting a crafted value while updating their own profile, on sites where the plugin's user-profile (Users extension) feature is enabled.
Proof of Concept
Affects Plugins
References
Classification
Type
PRIVESC
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
Jakub Herman
Submitter
Jakub Herman
Submitter website
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2026-06-25 (about 21 days ago)
Added
2026-06-25 (about 20 days ago)
Last Updated
2026-07-10 (about 5 days ago)