PT-2026-20608 · WordPress+1 · Buyent Classified+1
Ismail Syaleh · Published 2026-02-19 · Updated 2026-03-04 · CVE-2025-13851
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Buyent Classified plugin for WordPress versions up to and including 1.0.7
Description
The Buyent Classified plugin for WordPress, when bundled with the Buyent theme, has a flaw that allows unauthorized privilege escalation through the user registration process. The plugin does not properly validate or restrict user roles during registration via the REST API. An attacker can manipulate the buyent classified user type parameter during registration to assign themselves arbitrary roles, including administrator, gaining complete control of the WordPress site. This occurs because the registration process lacks sufficient authentication checks.
Recommendations
Update the Buyent Classified plugin to a version later than 1.0.7.
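The missing check described above, sketched as a hardened registration handler. This is an added example, not code from the Buyent plugin or theme; the route `example/v1/register`, the `user_type`, `username`, `email` and `password` parameters, and the function and constant names are hypothetical.

```php
<?php
// Added example, not Buyent code. Route, parameter and function names are hypothetical.

// Roles a self-registering visitor may request. Anything else is rejected.
const EXAMPLE_SELF_SERVICE_ROLES = array( 'subscriber', 'contributor' );

add_action( 'rest_api_init', function () {
    register_rest_route( 'example/v1', '/register', array(
        'methods'             => 'POST',
        'callback'            => 'example_register_user',
        // Registration is public by design, so the role check in the callback
        // is the only control between the request body and wp_insert_user().
        'permission_callback' => '__return_true',
    ) );
} );

function example_register_user( WP_REST_Request $request ) {
    if ( ! get_option( 'users_can_register' ) ) {
        return new WP_Error( 'registration_closed', 'Registration is disabled.', array( 'status' => 403 ) );
    }

    // Vulnerable pattern: 'role' => $request->get_param( 'user_type' ),
    // which lets the client choose any role, including administrator.
    // Hardened pattern: normalise, default, then strict allowlist comparison.
    $role = sanitize_key( (string) $request->get_param( 'user_type' ) );
    if ( '' === $role ) {
        $role = 'subscriber';
    }
    if ( ! in_array( $role, EXAMPLE_SELF_SERVICE_ROLES, true ) ) {
        // sanitize_key() leaves only [a-z0-9_-], so the value is safe to log.
        error_log( 'Rejected registration requesting role: ' . $role );
        return new WP_Error( 'invalid_role', 'Requested role is not allowed.', array( 'status' => 400 ) );
    }

    $user_id = wp_insert_user( array(
        'user_login' => sanitize_user( (string) $request->get_param( 'username' ), true ),
        'user_email' => sanitize_email( (string) $request->get_param( 'email' ) ),
        'user_pass'  => (string) $request->get_param( 'password' ),
        'role'       => $role,
    ) );
    if ( is_wp_error( $user_id ) ) {
        return $user_id;
    }
    return rest_ensure_response( array( 'id' => $user_id, 'role' => $role ) );
}
```

The rejected-role log line doubles as a detection signal: a self-registration request asking for a role outside the allowlist has no legitimate source.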
Fix
LPE
Improper Privilege Management
Weakness Enumeration
Related Identifiers
Affected Products
Buyent Classified
Buyent Theme