CVE-2025-67998
Authentication Bypass in Miraculous Elementor
Publication date: 2026-02-20
Last updated on: 2026-02-25
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| kamleshyadav | miraculous_elementor | From 1.0.0 (inc) to 2.0.7 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-288 | The product requires authentication, but the product has an alternate path or channel that does not require authentication. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-67998 is a high-priority Broken Authentication vulnerability in the WordPress Miraculous Elementor Plugin versions up to and including 2.0.7.
This vulnerability allows a malicious actor to bypass normal authentication mechanisms by using an alternate path or channel, enabling them to perform actions that are normally restricted to higher privileged users.
Specifically, it can allow an attacker to gain administrative access to the affected website.
The flaw falls under the OWASP Top 10 category A7: Identification and Authentication Failures and is classified as Broken Authentication.
How can this vulnerability impact me? :
This vulnerability can have severe impacts as it allows attackers to gain administrative access to your WordPress website.
With administrative privileges, an attacker can modify website content, steal sensitive data, install malicious code, or disrupt website operations.
The vulnerability requires only subscriber or developer privileges to exploit, making it easier for attackers with limited access to escalate their privileges.
Failure to patch this vulnerability promptly can lead to significant security breaches and loss of control over your website.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability affects the WordPress Miraculous Elementor Plugin versions up to and including 2.0.7 and allows authentication bypass. Detection involves identifying if the vulnerable plugin version is installed on your system.
You can check the installed plugin version on your WordPress site by running commands such as:
- Using WP-CLI: wp plugin list | grep miraculous-elementor
- Manually checking the plugin version in the WordPress admin dashboard under Plugins.
Additionally, monitoring for unusual authentication attempts or privilege escalations in your web server logs may help detect exploitation attempts, but no specific detection commands are provided.
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation step is to update the Miraculous Elementor plugin to version 2.0.8 or later, which contains the patch resolving this authentication bypass vulnerability.
Until the update can be applied, users of Patchstack can enable the provided mitigation rule that blocks attacks targeting this flaw.
Enabling automatic updates for vulnerable plugins through Patchstack is also recommended to ensure timely protection.