- Description
- The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.7. This is due to the plugin not properly validating a user's identity prior to setting the current user and their authentication cookie. This makes it possible for unauthenticated attackers to gain access to a target user's (e.g. administrators) account.
- Source
- security@wordfence.com
- NVD status
- Received
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- security@wordfence.com
- CWE-288
- Hype score
- Not currently trending
CVE-2025-0181 (CVSS:9.8, CRITICAL) is Awaiting Analysis. The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to,..https://t.co/AKzqoYYasW #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
16 Feb 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
๐จ CVE-2025-0181 โ ๏ธ๐ด CRITICAL (9.8) ๐ข Chimpstudio - WP Foodbakery ๐๏ธ * ๐ https://t.co/YzdK4cNYXi ๐ https://t.co/goPPOZ5LOv #CyberCron #VulnAlert https://t.co/b202c01UAg
@cybercronai
12 Feb 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0181 The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.7. This is due to the plugin nโฆ https://t.co/5qWncPwWHg
@CVEnew
11 Feb 2025
433 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-0181: CRITICAL] WordPress plugin WP Foodbakery has a security flaw leading to privilege escalation. Attackers could gain access to users' accounts due to improper validation in versions up to 4.7.#cybersecurity,#vulnerability https://t.co/TpvWBFXRwB https://t.co/7ttuCdr
@CveFindCom
11 Feb 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes