WordPress Plugin Vulnerabilities

WP Data Access < 5.3.8 - Subscriber+ Privilege Escalation

Description

The plugin does not have authorisation in the multiple_roles_update function, allowing any authenticated users, such as subscriber to update their role and set themselves as admin for example, when the 'Enable role management' setting is enabled.

Affects Plugins

Plugin icon
wp-data-access
Fixed in 5.3.8

References

CVE
CVE-2023-1874
URL
https://www.wordfence.com/blog/2023/04/privilege-escalation-vulnerability-patched-promptly-in-wp-data-access-wordpress-plugin/

Classification

Type
PRIVESC
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-269
CVSS
7.5 (high)

Miscellaneous

Original Researcher
Chloe Chamberland
Verified
Yes
WPVDB ID
7871b890-5172-40aa-88f2-a1b95e240ad4

Timeline

Publicly Published
2023-04-06 (about 2 years ago)
Added
2023-04-12 (about 2 years ago)
Last Updated
2023-04-13 (about 2 years ago)

Other

Published
Title
Published
2025-12-02
Title
DesignThemes LMS < 1.0.5 - Unauthenticated Privilege Escalation
Published
2025-05-22
Title
Hospital Management System <= 47.0(20-11-2023) - Authenticated (Subscriber+) Privilege Escalation
Published
2024-02-21
Title
Academy LMS – eLearning and online course solution for WordPress < 1.9.20 - Authenticated (Subscriber+) Privilege Escalation
Published
2021-06-28
Title
ProfilePress 3.0 - 3.1.3 - Unauthenticated Privilege Escalation
Published
2024-12-11
Title
CE21 Suite < 2.2.1 - Unauthenticated Privilege Escalation