{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-0180", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-01-02T20:21:01.364Z", "datePublished": "2025-02-11T06:54:33.911Z", "dateUpdated": "2026-04-08T17:26:30.701Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:26:30.701Z"}, "affected": [{"vendor": "Chimpstudio", "product": "WP Foodbakery", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "4.7", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 4.7. This is due to the plugin not properly restricting what user meta can be updated during profile registration. This makes it possible for unauthenticated attackers to register on the site as an administrator."}], "title": "WP Foodbakery <= 4.7 - Unauthenticated Privilege Escalation in foodbakery_registration_validation", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d7140a6e-a528-428e-850e-5e4a481c5d7d?source=cve"}, {"url": "https://themeforest.net/item/food-bakery-restaurant-bakery-responsive-wordpress-theme/18970331"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-269 Improper Privilege Management", "cweId": "CWE-269", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL"}}], "credits": [{"lang": "en", "type": "finder", "value": "Tonn"}], "timeline": [{"time": "2025-01-01T00:00:00.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-02-10T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-11T15:27:56.319224Z", "id": "CVE-2025-0180", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-11T15:28:13.763Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-0180", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-11T15:27:56.319224Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-11T15:28:04.615Z"}}], "cna": {"title": "WP Foodbakery <= 4.7 - Unauthenticated Privilege Escalation in foodbakery_registration_validation", "credits": [{"lang": "en", "type": "finder", "value": "Tonn"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}], "affected": [{"vendor": "Chimpstudio", "product": "WP Foodbakery", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "4.7"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-01-01T00:00:00.000+00:00", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-02-10T00:00:00.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d7140a6e-a528-428e-850e-5e4a481c5d7d?source=cve"}, {"url": "https://themeforest.net/item/food-bakery-restaurant-bakery-responsive-wordpress-theme/18970331"}], "descriptions": [{"lang": "en", "value": "The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.3. This is due to the plugin not properly restricting what user meta can be updated during profile registration. This makes it possible for unauthenticated attackers to register on the site as an administrator."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2025-02-11T06:54:33.911Z"}}}, "cveMetadata": {"cveId": "CVE-2025-0180", "state": "PUBLISHED", "dateUpdated": "2025-02-11T15:28:13.763Z", "dateReserved": "2025-01-02T20:21:01.364Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-02-11T06:54:33.911Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 4.7. This is due to the plugin not properly restricting what user meta can be updated during profile registration. This makes it possible for unauthenticated attackers to register on the site as an administrator."}, {"lang": "es", "value": "El complemento WP Foodbakery para WordPress es vulnerable a la escalada de privilegios en todas las versiones hasta la 3.3 y incluida. Esto se debe a que el complemento no restringe adecuadamente qu\u00e9 metadatos de usuario se pueden actualizar durante el registro del perfil. Esto hace posible que atacantes no autenticados se registren en el sitio como administradores."}], "id": "CVE-2025-0180", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-02-11T07:15:29.277", "references": [{"source": "security@wordfence.com", "url": "https://themeforest.net/item/food-bakery-restaurant-bakery-responsive-wordpress-theme/18970331"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d7140a6e-a528-428e-850e-5e4a481c5d7d?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T22:23:11.785517+00:00", "value": {"mitigation_remediation": ["Update WP Foodbakery to the latest available version (greater than 4.7) to remediate the privilege escalation flaw.", "If an update is unavailable, disable the plugin\u2019s registration feature or modify the theme\u2019s functions to restrict new user roles to non-administrator levels.", "Audit existing user accounts for unexpected administrator privileges and remove any accounts created without proper authorization."], "summary": {"action": "Apply Patch", "impact": "Unauthenticated privilege escalation to administrator"}, "threat_synthesis": {"affected_systems": "WordPress sites that have the WP Foodbakery plugin installed, specifically versions 4.7 and any earlier releases.", "description_and_impact": "The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation in all versions up to and including 4.7 because the plugin does not properly restrict which user metadata can be updated during profile registration. This flaw allows an attacker who does not possess login credentials to create a new user account that is granted full administrator privileges, effectively compromising the entire WordPress site.", "risk_and_exploitability": "The vulnerability scores a CVSS of 9.8, indicating critical severity, yet the EPSS score is less than 1%, meaning the current likelihood of exploitation is very low. The CVE is not listed in CISA\u2019s KEV catalog. Attackers can trigger the flaw by simply accessing the registration endpoint without authentication, submitting malicious role data, and having the plugin accept the request. While the score is high, the low exploitation probability and lack of a publicly known exploit reduce immediate risk, but the potential impact remains catastrophic if an attacker succeeds."}}}}, "created": "2025-07-13T11:22:05.127091+00:00", "updated": "2026-04-21T22:30:06.132991+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress"]}