- Description
- The Academist Membership plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.1.6. This is due to the academist_membership_check_facebook_user() function not properly verifying a user's identity prior to authenticating them. This makes it possible for unauthenticated attackers to log in as any user, including site administrators.
- Source
- security@wordfence.com
- NVD status
- Received
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- security@wordfence.com
- CWE-288
- Hype score
- Not currently trending
🚨 CVE-2025-1671 ⚠️🔴 CRITICAL (9.8) 🏢 Elated-Themes - Academist Membership 🏗️ * 🔗 https://t.co/tcwXZdyclB 🔗 https://t.co/H1b5p6mAXz #CyberCron #VulnAlert #InfoSec https://t.co/pN67RiKBPx
@cybercronai
2 Mar 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1671 The Academist Membership plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.1.6. This is due to the academist_membership… https://t.co/WYHSMpvJ09
@CVEnew
1 Mar 2025
99 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-1671: CRITICAL] WordPress Academist Membership plugin (up to v1.1.6) is at risk due to Privilege Escalation as its function doesn't verify users thoroughly, allowing attackers to gain unauthorized access.#cybersecurity,#vulnerability https://t.co/SKBkKOOyJu https://t.co
@CveFindCom
1 Mar 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
�� CVE-2025-1671 - WordPress - HIGH 🚨 🗓️ Date published 2025-03-01 08:15:34 UTC #WordPress #CyberSecurity #InfoSec #Vulnerability #TechNews https://t.co/pKHR8t98QD
@vulns_space
1 Mar 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes