- Description
- The Javo Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.0.0.080. This is due to the plugin allowing users who are registering new accounts to set their own role. This makes it possible for unauthenticated attackers to gain elevated privileges by creating an account with the administrator role.
- Source
- security@wordfence.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- security@wordfence.com
- CWE-269
- nvd@nist.gov
- NVD-CWE-noinfo
- Hype score
- Not currently trending
๐ด WordPress, Privilege Escalation, #CVE-2025-0177 (Critical) https://t.co/IC5CG2Lx96
@dailycve
13 Mar 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
๐จ CVE-2025-0177 โ ๏ธ๐ด CRITICAL (9.8) ๐ข javothemes - Javo Core ๐๏ธ * ๐ https://t.co/jV9RbBSX3Q ๐ https://t.co/7R09cjiAPy #CyberCron #VulnAlert #InfoSec https://t.co/woRmKizJaj
@cybercronai
9 Mar 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
There is a new vulnerability with elevated criticality in javothemes Javo Core Plugin (CVE-2025-0177) https://t.co/aDTZtD0FI9
@vuldb
8 Mar 2025
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New post from https://t.co/uXvPWJy6tj (CVE-2025-0177 | javothemes Javo Core Plugin up to 3.0.0.080 on WordPress privileges management) has been published on https://t.co/b49YLhL3Xp
@WolfgangSesin
8 Mar 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
๏ฟฝ๏ฟฝ CVE-2025-0177 - WordPress - CRITICAL ๐จ ๐๏ธ Date published 2025-03-08 09:15:31 UTC #WordPress #CyberSecurity #InfoSec #Vulnerability #TechNews https://t.co/xau2ZLThIP
@vulns_space
8 Mar 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0177 The Javo Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.0.0.080. This is due to the plugin allowing users who aโฆ https://t.co/T9eAvQMK85
@CVEnew
8 Mar 2025
453 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-0177: CRITICAL] WordPress plugin Javo Core up to version 3.0.0.080 has a privilege escalation vulnerability, allowing attackers to gain admin access by setting their own user roles during registration.#cybersecurity,#vulnerability https://t.co/14B6DoYvvK https://t.co/4o
@CveFindCom
8 Mar 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:javothemes:javo_core:*:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "1E9DD18E-5FF3-4457-B9A5-4908CE59A403",
"versionEndExcluding": "3.0.0.266"
}
],
"operator": "OR"
}
]
}
]