CVE-2025-3810: CWE-639 Authorization Bypass Through User-Controlled Key in iqonicdesign WPBookit
The WPBookit plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.2. This is due to the plugin not properly validating a user's identity prior to updating their details, such as password and email, through the edit_profile_data() function. This makes it possible for unauthenticated attackers to change arbitrary users' email addresses and passwords, including those of administrators, and leverage that to gain access to their accounts.
AI Analysis
Technical Summary
CVE-2025-3810 is a critical authorization bypass vulnerability in the WPBookit plugin for WordPress developed by iqonicdesign. The flaw exists in all versions up to and including 1.0.2, where the edit_profile_data() function does not verify the identity of the user before allowing updates to sensitive account details such as passwords and email addresses. This allows unauthenticated attackers to modify these details for any user, including administrators, enabling privilege escalation and account takeover. The vulnerability is tracked under CWE-639 (Authorization Bypass Through User-Controlled Key) and has a CVSS v3.1 base score of 9.8, indicating critical severity with network attack vector, no required privileges or user interaction, and impacts confidentiality, integrity, and availability.
Potential Impact
Successful exploitation allows an unauthenticated attacker to change email addresses and passwords of arbitrary users, including administrators, leading to full account takeover. This compromises the confidentiality, integrity, and availability of the affected WordPress site, potentially allowing complete control over the site and its data.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no patch or official fix links are provided, users should monitor the vendor's announcements for an official update. Until a fix is available, restrict access to the plugin and consider disabling it to prevent exploitation. Avoid exposing the WordPress installation to untrusted networks if possible.
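The following is an added illustrative example, not WPBookit's own code: it shows the CWE-639 pattern the advisory describes (a profile-update handler that selects the account to modify by a user-controlled key and is reachable without authentication) beside a hardened handler that derives identity from the logged-in session, checks a nonce, validates input and re-checks the current password before changing credentials. All action, function and field names (wpb_edit_profile_insecure, wpb_edit_profile_secure, user_id, current_password, the nonce name) are assumptions.

```php
<?php
// Added illustrative example, not WPBookit's actual code. Shows the CWE-639
// pattern behind CVE-2025-3810 and a hardened handler. All names are assumed.

// VULNERABLE PATTERN: the record to update is chosen by a user-controlled key
// (user_id from the request), and the handler is reachable without login
// (wp_ajax_nopriv_), so any caller can reset any account's email/password.
add_action( 'wp_ajax_nopriv_wpb_edit_profile_insecure', 'wpb_edit_profile_insecure' );
add_action( 'wp_ajax_wpb_edit_profile_insecure', 'wpb_edit_profile_insecure' );
function wpb_edit_profile_insecure() {
    $user_id = (int) $_POST['user_id'];             // attacker-controlled key
    wp_update_user( array(
        'ID'         => $user_id,
        'user_email' => $_POST['email'],
        'user_pass'  => $_POST['password'],
    ) );
    wp_send_json_success();
}

// HARDENED PATTERN: identity comes from the authenticated session, not the
// request; the endpoint is logged-in only; a nonce blocks CSRF; input is
// validated; the current password is re-checked before a credential change.
add_action( 'wp_ajax_wpb_edit_profile_secure', 'wpb_edit_profile_secure' );
function wpb_edit_profile_secure() {
    check_ajax_referer( 'wpb_edit_profile', 'nonce' );   // CSRF token
    $user_id = get_current_user_id();                    // server-side identity
    if ( ! $user_id ) {
        wp_send_json_error( 'not logged in', 401 );
    }
    $user  = get_user_by( 'id', $user_id );
    $email = sanitize_email( wp_unslash( $_POST['email'] ?? '' ) );
    if ( ! is_email( $email ) ) {
        wp_send_json_error( 'invalid email', 400 );
    }
    // Require the current password for any credential change.
    $current = (string) ( $_POST['current_password'] ?? '' );
    if ( ! wp_check_password( $current, $user->user_pass, $user_id ) ) {
        wp_send_json_error( 're-authentication failed', 403 );
    }
    $data = array( 'ID' => $user_id, 'user_email' => $email );
    if ( ! empty( $_POST['password'] ) ) {
        $data['user_pass'] = (string) wp_unslash( $_POST['password'] );
    }
    $result = wp_update_user( $data );
    if ( is_wp_error( $result ) ) {
        wp_send_json_error( $result->get_error_message(), 400 );
    }
    wp_send_json_success();
}
```

The hardened handler never reads the target user ID from the request; any endpoint that still does so, or that is registered under wp_ajax_nopriv_, is the pattern to look for when auditing similar plugins.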
Technical Details
- Data Version: 5.1
- Assigner Short Name: Wordfence
- Date Reserved: 2025-04-18T18:08:49.740Z
- CISA Enriched: true
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 682d9818c4522896dcbd7da3
Added to database: 5/21/2025, 9:08:40 AM
Last enriched: 4/9/2026, 5:24:38 PM
Last updated: 5/9/2026, 12:42:39 AM