Primary

Context

Templines Elementor Helper Core Privilege Escalation Vulnerability

Vulnerability

A privilege escalation vulnerability exists in the Templines Elementor Helper Core plugin for WordPress, affecting all versions through 2.7. The issue arises from the plugin's allowance of arbitrary user meta updates, enabling authenticated attackers with Subscriber-level access or higher to elevate their roles to Administrator. This vulnerability can only be exploited if the BuddyPress plugin is also installed and activated.

Impact

Exploitation of this vulnerability allows for unauthorized privilege escalation, enabling users to gain Administrator rights.

Remediation

Users are advised to update the Templines Elementor Helper Core plugin to version 2.8 or a newer patched version.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

5.5

remediation

7.7

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

5.5

remediation

7.7

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Templines Elementor Helper Core Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating