WordPress Plugin Vulnerabilities

Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme < 1.5.0 - Authenticated (Subscriber+) Privilege Escalation

Description

The Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme plugin for WordPress is vulnerable to privilege escalation via password update in all versions up to, and including, 1.4.0. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary user's passwords, including those of administrators.

Affects Plugins

Plugin icon
lisfinity-core
Fixed in 1.5.0

References

CVE
CVE-2025-6038
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/a3cd1c3e-5bb0-4653-8764-2ca38d9a7c77

Classification

Type
IDOR
OWASP top 10
A5: Broken Access Control
CWE
CWE-639
CVSS
8.8 (high)

Miscellaneous

Original Researcher
Alyudin Nafiie
Verified
No
WPVDB ID
f76d307a-d295-4c21-b2a1-2d075f8df55f

Timeline

Publicly Published
2025-10-08 (about 5 months ago)
Added
2025-10-08 (about 5 months ago)
Last Updated
2025-10-09 (about 5 months ago)

Other

Published
Title
Published
2026-03-25
Title
Elementor Website Builder < 3.35.8 - Contributor+ Sensitive Information Exposure via Elementor Template
Published
2024-04-24
Title
SP Project & Document Manager <= 4.71 - Subscriber+ File Download via IDOR
Published
2024-11-12
Title
WP ERP < 1.13.4 - Unauthorized Access to Terminated Employee Information
Published
2023-06-29
Title
SP Project & Document Manager < 4.68 - Subscriber+ Insecure Direct Object References
Published
2025-10-21
Title
Flexible Refund and Return Order for WooCommerce < 1.0.39 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Order Refund