CVE-2025-13851
Privilege Escalation in Buyent Classified WordPress Plugin via REST API

Publication date: 2026-02-19

Last updated on: 2026-02-19

Assigner: Wordfence

Description
The Buyent Classified plugin for WordPress (bundled with Buyent theme) is vulnerable to privilege escalation via user registration in all versions up to, and including, 1.0.7. This is due to the plugin not validating or restricting the user role during registration via the REST API endpoint. This makes it possible for unauthenticated attackers to register accounts with arbitrary roles, including administrator, by manipulating the _buyent_classified_user_type parameter during the registration process, granting them complete control over the WordPress site.
Meta Information
Published: 2026-02-19
Last Modified: 2026-02-19
Generated: 2026-06-16
EPSS Evaluated: 2026-06-15
Affected Vendors & Products
1 associated CPE
Vendor: buyent
Product: classified
Version / Range: up to and including 1.0.7
CWE
CWE-269: The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Executive Summary

The Buyent Classified plugin for WordPress, which is bundled with the Buyent theme, has a vulnerability in all versions up to and including 1.0.7. This vulnerability allows privilege escalation through the user registration process. Specifically, the plugin does not validate or restrict the user role during registration via its REST API endpoint.

An unauthenticated attacker can exploit this by manipulating the _buyent_classified_user_type parameter during registration to assign themselves any user role, including administrator. This grants the attacker complete control over the WordPress site.
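The weakness described above is a registration handler that passes a client-supplied role straight into the account it creates. The following is an added illustration of the corrective pattern for a WordPress REST registration endpoint; it is not the Buyent plugin's code. The route name, callback and the allowed "user type" values are assumptions; only the parameter name _buyent_classified_user_type comes from the advisory. The classified "type" is validated against a fixed list and stored as user meta, which carries no capabilities, while the WordPress role always comes from the site's own default_role option rather than from the request.

```php
<?php
// Added example, not the plugin's own code. Route, callback name and the
// buyer/seller type values are hypothetical; the parameter name is from the advisory.

add_action('rest_api_init', function () {
    register_rest_route('example-classified/v1', '/register', [
        'methods'             => 'POST',
        'callback'            => 'example_classified_register',
        // Public self-registration endpoint; authorization is not the issue here,
        // the issue is what the handler does with untrusted input.
        'permission_callback' => '__return_true',
        'args' => [
            'username' => ['required' => true, 'type' => 'string', 'sanitize_callback' => 'sanitize_user'],
            'email'    => ['required' => true, 'type' => 'string', 'format' => 'email', 'sanitize_callback' => 'sanitize_email'],
            'password' => ['required' => true, 'type' => 'string'],
            // Schema-level allowlist: anything outside the enum is rejected with HTTP 400
            // before the callback runs.
            '_buyent_classified_user_type' => [
                'type'              => 'string',
                'enum'              => ['buyer', 'seller'],
                'sanitize_callback' => 'sanitize_key',
            ],
        ],
    ]);
});

function example_classified_register(WP_REST_Request $request) {
    if (!get_option('users_can_register')) {
        return new WP_Error('registration_disabled', 'Registration is closed.', ['status' => 403]);
    }

    // Defence in depth: re-check the type even though the schema already restricts it.
    $allowed_types = ['buyer', 'seller'];
    $type = $request->get_param('_buyent_classified_user_type') ?: 'buyer';
    if (!in_array($type, $allowed_types, true)) {
        return new WP_Error('invalid_user_type', 'Unknown user type.', ['status' => 400]);
    }

    // The WordPress role is never derived from request data. Every self-registered
    // account receives the site's configured default role (normally "subscriber").
    $user_id = wp_insert_user([
        'user_login' => $request->get_param('username'),
        'user_email' => $request->get_param('email'),
        'user_pass'  => $request->get_param('password'),
        'role'       => get_option('default_role', 'subscriber'),
    ]);
    if (is_wp_error($user_id)) {
        return $user_id;
    }

    // The marketplace-specific type lives in user meta, which grants no capabilities.
    update_user_meta($user_id, '_buyent_classified_user_type', $type);

    return rest_ensure_response(['id' => $user_id, 'user_type' => $type]);
}
```

The important property is that the value of _buyent_classified_user_type never reaches the role field: the two concepts are kept separate, so even a request that names "administrator" produces at most a validation error. Site owners reviewing a plugin for this class of bug should look for any call to wp_insert_user(), wp_update_user() or WP_User::set_role() whose role argument can be traced back to request input.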

Impact Analysis

This vulnerability can have severe impacts because it allows an attacker to gain administrator-level access without authentication. With such access, the attacker can fully control the WordPress site.

  • Modify, delete, or create content arbitrarily.
  • Install malicious plugins or themes.
  • Access sensitive user data stored on the site.
  • Use the compromised site as a platform for further attacks.
  • Disrupt website availability or functionality.