CVE-2025-3418: WPC Admin Columns 2.0.6 - 2.1.0 - Authenticated (Subscriber+) Privilege Escalation via User Meta Update
First published: Sat Apr 12 2025(Updated: )
The WPC Admin Columns plugin for WordPress is vulnerable to privilege escalation in versions 2.0.6 to 2.1.0. This is due to the plugin not properly restricting user meta values that can be updated through the ajax_edit_save() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update their role to that of an administrator.
Credit: security@wordfence.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Admin Columns | >=2.0.6<=2.1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-3418?
CVE-2025-3418 has a medium severity rating due to its potential for privilege escalation.
How do I fix CVE-2025-3418?
To fix CVE-2025-3418, update the WPC Admin Columns plugin to version 2.1.1 or later.
What versions of WPC Admin Columns are affected by CVE-2025-3418?
CVE-2025-3418 affects WPC Admin Columns versions 2.0.6 to 2.1.0.
Who can exploit CVE-2025-3418?
Authenticated users with sufficient permissions can exploit CVE-2025-3418 to escalate their privileges.
Is there a patch available for CVE-2025-3418?
Yes, a patch is available since WPC Admin Columns version 2.1.1.
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/title
- agent/type
- agent/first-publish-date
- agent/description
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/author
- agent/severity
- agent/event
- collector/epss-latest
- source/FIRST
- agent/source
- agent/tags
- agent/epss
- vendor/wpc
- canonical/admin columns