WordPress Plugin Vulnerabilities

Kadence WooCommerce Email Designer < 1.5.17 - Shop Manager+ Arbitrary Options Update

Description

The plugin is vulnerable to unauthorized modification of data that can lead to privilege escalation due to insufficient input validation on the import_woomail() function. This makes it possible for authenticated attackers, with Shop Manager-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.

Affects Plugins

Plugin icon
kadence-woocommerce-email-designer
Fixed in 1.5.17

References

CVE
CVE-2025-54697
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/2768f926-16a8-4a7e-a022-a8bd638e1081

Classification

Type
INCORRECT AUTHORISATION
OWASP top 10
A5: Broken Access Control
CWE
CWE-863
CVSS
7.2 (high)

Miscellaneous

Original Researcher
Denver Jackson
Verified
No
WPVDB ID
7b3da95c-d721-438b-a2cc-0bada2d4935b

Timeline

Publicly Published
2025-08-14 (about 10 months ago)
Added
2025-08-19 (about 10 months ago)
Last Updated
2025-08-19 (about 10 months ago)

Other

Published
Title
Published
2021-09-28
Title
AutomatorWP < 1.7.6 - Missing Authorization and Privilege Escalation
Published
2024-05-08
Title
Swift Performance Lite < 2.3.6.19 - Subscriber+ Settings Update
Published
2023-06-05
Title
Formidable Forms < 6.3.1 - Subscriber+ Remote Code Execution
Published
2024-06-05
Title
Bookster < 1.2.0 - Unauthenticated Appointment Status Update
Published
2026-06-15
Title
RTMKit < 2.0.8 - Authenticated (Contributor+) Missing Authorization to Arbitrary Form Submission Access via 'entries_id' Parameter