Platform: wordpress
Component: doccure-core
Fixed in: 1.5.4
CVE-2025-8900 represents a critical privilege escalation vulnerability discovered in the Doccure Core WordPress plugin. This flaw allows unauthenticated attackers to elevate their privileges to administrator level, potentially granting them complete control over the WordPress site. The vulnerability affects versions 1.0.0 through 1.5.4, and a fix is available in version 1.5.4.
The impact of CVE-2025-8900 is severe. Successful exploitation allows an attacker to bypass authentication and directly assume the role of an administrator. This grants them full access to the WordPress site's backend, including the ability to modify content, install malicious plugins, create new user accounts with elevated privileges, and potentially exfiltrate sensitive data. The attacker could effectively compromise the entire website and its associated data. This vulnerability is particularly concerning given the widespread use of WordPress and the potential for large-scale compromise if exploited.
CVE-2025-8900 was publicly disclosed on 2025-11-03. The vulnerability's ease of exploitation, combined with the widespread use of WordPress and the Doccure Core plugin, suggests a medium probability of exploitation (EPSS score likely medium). No public proof-of-concept exploits have been published at the time of writing, but the vulnerability's simplicity makes it likely that exploits will emerge. Monitor security advisories and threat intelligence feeds for any indications of active exploitation.
Exploit Status
EPSS: 0.19% (40th percentile)
CISA SSVC:
CVSS Vector:
The primary mitigation for CVE-2025-8900 is to immediately upgrade the Doccure Core plugin to version 1.5.4 or later. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider temporarily disabling user registration to prevent new account creation. Additionally, review existing user accounts for any suspicious administrator roles that may have been created due to exploitation. While a WAF might offer some protection, it is not a substitute for patching the vulnerable plugin. After upgrading, verify the fix by attempting to register a new user and confirming that the role assignment is restricted to the intended values.
Update the Doccure Core plugin to version 1.5.4 or higher to mitigate the privilege escalation vulnerability. This update corrects the way user roles are handled during registration, preventing attackers from obtaining administrator privileges.
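The interim mitigations above (close registration, audit administrator accounts, make sure a self-registration can only end in a low-privilege role) can be enforced from a small must-use plugin while the vulnerable version is still installed, and the audit helper doubles as the post-upgrade verification step. The following is an added example written for this advisory; it is not Doccure Core's code and does not reproduce the plugin's fix. The allow-list of roles, the `subscriber` fallback, the 30-day audit window and the `hardening` WP-CLI command name are assumptions for an example site.

```php
<?php
/**
 * Plugin Name: Registration role hardening (added example, not Doccure Core code)
 * Drop this file into wp-content/mu-plugins/ so it loads before any regular plugin.
 */

// Roles a user created from an unauthenticated request may legitimately hold.
// Assumption: adjust for site-specific roles the theme or plugin defines.
const HARDENING_ALLOWED_SIGNUP_ROLES = array( 'subscriber' );
const HARDENING_FALLBACK_ROLE        = 'subscriber';

// 1. Interim mitigation from the advisory: refuse public registration entirely
//    until the plugin is upgraded. Remove this line once 1.5.4 or later is installed.
add_filter( 'users_can_register', '__return_false', PHP_INT_MAX );

// 2. Defence in depth: no role change triggered by an anonymous request may leave
//    the account outside the allow-list. Hooking the role-assignment actions rather
//    than only 'user_register' also covers code that re-assigns a role after the
//    user row has been created.
add_action( 'set_user_role', 'hardening_clamp_anonymous_role', PHP_INT_MAX, 2 );
add_action( 'add_user_role', 'hardening_clamp_anonymous_role', PHP_INT_MAX, 2 );

function hardening_clamp_anonymous_role( $user_id, $role ) {
	// Authenticated actors (an administrator promoting a user) are out of scope here.
	if ( is_user_logged_in() || in_array( $role, HARDENING_ALLOWED_SIGNUP_ROLES, true ) ) {
		return;
	}
	$user = get_userdata( $user_id );
	if ( ! $user ) {
		return;
	}
	error_log( sprintf(
		'[hardening] anonymous request assigned role "%s" to user %d (%s); demoting to %s',
		$role, $user_id, $user->user_login, HARDENING_FALLBACK_ROLE
	) );
	// set_role() replaces all roles; it re-fires 'set_user_role' with an allowed
	// role, so the hook returns early and there is no recursion.
	$user->set_role( HARDENING_FALLBACK_ROLE );
}

// 3. Audit: administrators whose account was created within the window. Run it
//    before and after upgrading; a non-empty result needs manual review.
function hardening_recent_administrators( $since = '-30 days' ) {
	$cutoff = strtotime( $since );
	$found  = array();
	foreach ( get_users( array( 'role' => 'administrator' ) ) as $admin ) {
		// user_registered is stored in UTC; make strtotime() read it that way.
		if ( strtotime( $admin->user_registered . ' UTC' ) >= $cutoff ) {
			$found[] = sprintf( '%d %s %s', $admin->ID, $admin->user_login, $admin->user_registered );
		}
	}
	return $found;
}

// Expose the audit as `wp hardening admins-since [--since=<php-date-string>]`.
if ( defined( 'WP_CLI' ) && WP_CLI ) {
	WP_CLI::add_command( 'hardening admins-since', function ( $args, $assoc_args ) {
		$since = isset( $assoc_args['since'] ) ? $assoc_args['since'] : '-30 days';
		$rows  = hardening_recent_administrators( $since );
		if ( empty( $rows ) ) {
			WP_CLI::success( "No administrator accounts created since $since." );
			return;
		}
		foreach ( $rows as $row ) {
			WP_CLI::line( $row );
		}
		WP_CLI::warning( count( $rows ) . ' administrator account(s) to review.' );
	} );
}
```

The clamp keys on `is_user_logged_in()` rather than on any request parameter because the advisory only states that roles are mishandled during registration, not how; denying every privileged role to anonymous flows covers that without depending on the plugin's internals. The `error_log` line gives a detection signal (a demotion event during an unauthenticated request) that is worth forwarding to whatever collects the PHP error log.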
CVE-2025-8900 is a critical vulnerability in Doccure Core WordPress plugin allowing unauthenticated attackers to gain administrator privileges by manipulating user registration.
You are affected if you are using Doccure Core versions 1.0.0 through 1.5.4. Upgrade to version 1.5.4 to mitigate the risk.
Upgrade the Doccure Core plugin to version 1.5.4 or later. Temporarily disable user registration if immediate upgrade is not possible.
While no public exploits have been released, the vulnerability's simplicity suggests a potential for active exploitation. Monitor security advisories.
Refer to the Doccure Core plugin's official website or WordPress plugin repository for the latest advisory and update information.