CVE-2025-13618
Privilege Escalation in WordPress Mentoring Plugin
Publication date: 2026-05-05
Last updated on: 2026-05-05
Assigner: Wordfence
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mentoring | mentoring_plugin | up to and including 1.2.8 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-269 | The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability allows an unauthenticated attacker to register an account with administrator-level privileges, because the Mentoring plugin for WordPress does not restrict the role a new user can choose during registration. An attacker who obtains an administrator account controls the site and every piece of personal data stored in it.
Unauthorized administrative access of this kind undermines the access-control and data-protection requirements of regulations such as GDPR and HIPAA, and a confirmed compromise of personal or health data can trigger their breach-notification obligations.
Can you explain this vulnerability to me?
All versions of the Mentoring plugin for WordPress up to and including 1.2.8 are vulnerable to privilege escalation. The plugin's mentoring_process_registration() function does not restrict which roles a new user may register with, so an attacker who has no account on the site can submit a registration request that creates an account with the administrator role.
How can this vulnerability impact me?
The impact is severe: an unauthenticated attacker can obtain administrator-level access to any WordPress site running a vulnerable version of the Mentoring plugin. An administrator controls the whole site, so the attacker can edit content, install plugins or themes that carry malicious code, read or export user data, create further accounts, and take the site offline.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Exploitation creates a new administrator account through the plugin's registration path, so the most reliable indicator is an administrator account that nobody on your team created. Compare the current list of administrators against the accounts you expect, check when each was registered, and review the web server's log of requests to the plugin's registration endpoint.
Suggested commands:
- List all administrators with WP-CLI, including when each was registered: wp user list --role=administrator --fields=ID,user_login,user_email,user_registered
- Check the most recent registrations directly in the database (replace the wp_ prefix with your site's table prefix): SELECT user_login, user_registered FROM wp_users ORDER BY user_registered DESC LIMIT 10;
- Review the web server's access logs for POST requests to the plugin's registration endpoint. The PHP function name only appears in the log if the plugin exposes it as a request parameter (for example as an admin-ajax.php action), so confirm the actual form or AJAX URL in the plugin's code before searching; a first pass might be: grep 'mentoring_process_registration' /var/log/apache2/access.log
Treat any administrator account you cannot account for as an exploitation result, and investigate what that account did after it was created.
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation is to update the Mentoring WordPress plugin to a version that fixes the privilege escalation.
According to the plugin changelog, versions after 1.2.8 address the vulnerability, with security improvements noted in versions 1.3.3 and 1.3.4.
- Update the Mentoring plugin to version 1.3.4 or later.
- Review the full administrator list and remove any account you cannot attribute to a legitimate administrator; also check for changes such accounts may have made (new plugins or themes, modified files, additional users).
- Until the update is applied, deactivate the plugin or disable its registration form so the vulnerable code path cannot be reached.
Afterwards, keep monitoring for unexpected account activity and make sure WordPress core and every other plugin are also up to date.
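The detection and mitigation steps above, combined into one script as an added example. This is not code from the Mentoring plugin, from Wordfence or from this page. It assumes a known-good list of administrator logins that the site owner maintains, a plugin slug of "mentoring" for the WP-CLI plugin commands, and that the registration request reaches admin-ajax.php with the function name as its action parameter (the advisory names only the PHP function, not the HTTP endpoint, so adjust the grep pattern to the real URL). The WP-CLI output and access-log lines are constructed samples; the remediation commands are printed for review rather than executed.

```shell
#!/usr/bin/env sh
# Added example (not code from the Mentoring plugin, Wordfence or this page):
# triage administrator accounts and registration traffic on a WordPress site,
# then emit the WP-CLI commands an operator would review before running them.
# Assumptions are marked; the sample data below is constructed.
set -eu

# Assumption: the site owner maintains this space-separated list of
# administrator logins that are supposed to exist.
KNOWN_ADMINS="siteowner"

# Constructed sample of what
#   wp user list --role=administrator --format=csv \
#      --fields=ID,user_login,user_email,user_registered
# prints. The two May 2026 accounts are the suspicious ones.
SAMPLE_ADMINS='ID,user_login,user_email,user_registered
1,siteowner,owner@example.org,2021-03-02 10:15:00
37,mentor_admin42,x@example.net,2026-05-04 03:12:44
38,zz_support,y@example.net,2026-05-04 03:13:09'

# Constructed Apache combined-log lines. The request path is an assumption:
# the advisory names only the PHP function mentoring_process_registration(),
# not the HTTP endpoint, so adjust the pattern to the plugin's real form/AJAX URL.
SAMPLE_LOG='203.0.113.7 - - [04/May/2026:03:12:40 +0000] "POST /wp-admin/admin-ajax.php?action=mentoring_process_registration HTTP/1.1" 200 512 "-" "python-requests/2.31"
198.51.100.3 - - [04/May/2026:03:15:01 +0000] "GET /wp-login.php HTTP/1.1" 200 3051 "-" "Mozilla/5.0"
203.0.113.7 - - [04/May/2026:03:13:05 +0000] "POST /wp-admin/admin-ajax.php?action=mentoring_process_registration HTTP/1.1" 200 512 "-" "python-requests/2.31"'

# unexpected_admins ALLOWLIST < wp-cli-csv
# Prints "login registered" for each administrator not on the allowlist.
unexpected_admins() {
  allow=" $1 "
  tail -n +2 | while IFS=, read -r id login email registered; do
    case "$allow" in
      *" $login "*) ;;                               # expected administrator
      *) printf '%s %s\n' "$login" "$registered" ;;  # needs review
    esac
  done
}

# registration_posters < access-log
# Prints "ip count" for every client that POSTed to the registration action,
# busiest first. Empty output when nothing matched.
registration_posters() {
  { grep -E '"POST [^"]*mentoring_process_registration' || true; } \
    | awk '{print $1}' | sort | uniq -c | sort -rn \
    | awk '{print $2, $1}'
}

# cleanup_commands REASSIGN_TO_ID < "login registered" lines
# Prints (does not run) WP-CLI commands to inspect, then delete, each flagged
# account, reassigning its content to a trusted administrator's user ID.
cleanup_commands() {
  reassign_to="$1"
  while read -r login registered; do
    printf '# %s registered %s\n' "$login" "$registered"
    printf 'wp user get %s --fields=ID,user_login,user_email,user_registered,roles\n' "$login"
    printf 'wp user delete %s --reassign=%s\n' "$login" "$reassign_to"
  done
}

# mitigation_commands: the containment steps from the advisory as WP-CLI.
# Assumption: the plugin's slug is "mentoring"; confirm with `wp plugin list`.
mitigation_commands() {
  printf 'wp plugin deactivate mentoring   # containment until the update is applied\n'
  printf 'wp plugin update mentoring\n'
  printf 'wp option update users_can_register 0   # turn off "Anyone can register"\n'
  printf 'wp option update default_role subscriber\n'
}

echo "== administrators not on the known-good list =="
printf '%s\n' "$SAMPLE_ADMINS" | unexpected_admins "$KNOWN_ADMINS"
echo "== clients that POSTed to the registration action =="
printf '%s\n' "$SAMPLE_LOG" | registration_posters
echo "== review, then run =="
printf '%s\n' "$SAMPLE_ADMINS" | unexpected_admins "$KNOWN_ADMINS" | cleanup_commands 1
mitigation_commands
```

On a live site, replace the two constructed samples with `wp user list --role=administrator --format=csv --fields=ID,user_login,user_email,user_registered` and the real access log; the allowlist is the only part that has to be maintained by hand. The same attacker IP showing up for both suspicious registration timestamps is the kind of correlation that justifies treating the accounts as hostile rather than as a colleague's forgotten test account.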