Vulnerability Description
The FindAll Listing plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.5. This is due to the 'findall_listing_user_registration_additional_params' function not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to supply the 'administrator' role during registration and gain administrator access to the site. Note: The vulnerability can only be exploited if the FindAll Membership plugin is also activated, because user registration is in that plugin.
CVSS Score
CRITICAL
Related Weaknesses (CWE)
References
- https://themeforest.net/item/findall-business-directory-theme/24415962
- https://www.wordfence.com/threat-intel/vulnerabilities/id/14981949-271c-4f98-a6a
FAQ
What is CVE-2025-13538?
CVE-2025-13538 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The FindAll Listing plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.5. This is due to the 'findall_listing_user_registration_additional_params' fun...
How severe is CVE-2025-13538?
CVE-2025-13538 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2025-13538?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.