Primary

Context

WPGateway WordPress Plugin Privilege Escalation Vulnerability

Vulnerability

A privilege escalation vulnerability has been identified in the WPGateway plugin for WordPress, affecting versions through 3.5. This vulnerability allows unauthenticated attackers to create malicious administrator accounts. The issue has been actively exploited in the wild.

Impact

Exploitation of this vulnerability allows for unauthorized privilege escalation, enabling attackers to create administrator accounts and potentially take over affected WordPress sites.

Remediation

There is no known patch available for this vulnerability. It is recommended to uninstall the WPGateway plugin immediately and check for any unauthorized administrator accounts on the WordPress site.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

8.7

remediation

0.0

relevance

0.0

threat

6.9

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

8.7

remediation

0.0

relevance

0.0

threat

6.9

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

WPGateway WordPress Plugin Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating