Vulnerability Description
The WP Directory Kit plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.4.4 because the authentication algorithm in the "wdk_generate_auto_login_link" function is implemented incorrectly: the feature relies on a cryptographically weak token generation mechanism. This makes it possible for unauthenticated attackers to gain administrative access and achieve full site takeover via the auto-login endpoint with a predictable token.
CVSS Score
10.0 (CRITICAL)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wpdirectorykit | Wp Directory Kit | <= 1.4.4 |
Related Weaknesses (CWE)
References
- https://github.com/d0n601/CVE-2025-13390 (Exploit, Third Party Advisory)
- https://plugins.trac.wordpress.org/changeset/3400599/wpdirectorykit/ (Patch)
- https://ryankozak.com/posts/cve-2025-13390/ (Exploit)
- https://www.wordfence.com/threat-intel/vulnerabilities/id/6598d171-e68c-4d2f-9cd (Third Party Advisory)
FAQ
What is CVE-2025-13390?
CVE-2025-13390 is a vulnerability with a CVSS score of 10.0 (CRITICAL). The WP Directory Kit plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.4.4 due to incorrect implementation of the authentication algorithm in the "wdk...
How severe is CVE-2025-13390?
CVE-2025-13390 has been rated CRITICAL with a CVSS base score of 10.0/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2025-13390?
Check the references section above for vendor advisories and patch information. Affected products include: Wpdirectorykit Wp Directory Kit.