{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-8572", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-08-04T22:01:31.166Z", "datePublished": "2026-02-14T08:26:47.464Z", "dateUpdated": "2026-04-08T17:15:49.406Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:15:49.406Z"}, "affected": [{"vendor": "dreamstechnologies", "product": "Truelysell Core", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.8.7", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Truelysell Core plugin for WordPress is vulnerable to privilege escalation in versions less than, or equal to, 1.8.7. This is due to insufficient validation of the user_role parameter during user registration. This makes it possible for unauthenticated attackers to create accounts with elevated privileges, including administrator access."}], "title": "Truelysell Core <= 1.8.7 - Unauthenticated Privilege Escalation via Registration", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b027c9f9-3144-4783-b646-ee1e02cd27ef?source=cve"}, {"url": "https://themeforest.net/item/truelysell-service-booking-wordpress-theme/43398124"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-269 Improper Privilege Management", "cweId": "CWE-269", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL"}}], "credits": [{"lang": "en", "type": "finder", "value": "Alyudin Nafiie"}], "timeline": [{"time": "2025-07-22T00:00:00.000Z", "lang": "en", "value": "Discovered"}, {"time": "2025-11-17T19:17:14.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2026-02-13T20:06:58.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-17T15:39:40.908419Z", "id": "CVE-2025-8572", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-17T15:44:26.791Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-8572", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-02-17T15:39:40.908419Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-17T15:39:47.122Z"}}], "cna": {"title": "Truelysell Core <= 1.8.7 - Unauthenticated Privilege Escalation via Registration", "credits": [{"lang": "en", "type": "finder", "value": "Alyudin Nafiie"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}], "affected": [{"vendor": "dreamstechnologies", "product": "Truelysell Core", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.8.7"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-07-22T00:00:00.000Z", "value": "Discovered"}, {"lang": "en", "time": "2025-11-17T19:17:14.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2026-02-13T20:06:58.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b027c9f9-3144-4783-b646-ee1e02cd27ef?source=cve"}, {"url": "https://themeforest.net/item/truelysell-service-booking-wordpress-theme/43398124"}], "descriptions": [{"lang": "en", "value": "The Truelysell Core plugin for WordPress is vulnerable to privilege escalation in versions less than, or equal to, 1.8.7. This is due to insufficient validation of the user_role parameter during user registration. This makes it possible for unauthenticated attackers to create accounts with elevated privileges, including administrator access."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:15:49.406Z"}}}, "cveMetadata": {"cveId": "CVE-2025-8572", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:15:49.406Z", "dateReserved": "2025-08-04T22:01:31.166Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2026-02-14T08:26:47.464Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Truelysell Core plugin for WordPress is vulnerable to privilege escalation in versions less than, or equal to, 1.8.7. This is due to insufficient validation of the user_role parameter during user registration. This makes it possible for unauthenticated attackers to create accounts with elevated privileges, including administrator access."}, {"lang": "es", "value": "El plugin Truelysell Core para WordPress es vulnerable a una escalada de privilegios en versiones inferiores o iguales a 1.8.7. Esto se debe a una validaci\u00f3n insuficiente del par\u00e1metro user_role durante el registro de usuarios. Esto permite a atacantes no autenticados crear cuentas con privilegios elevados, incluyendo acceso de administrador."}], "id": "CVE-2025-8572", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2026-02-14T09:16:11.490", "references": [{"source": "security@wordfence.com", "url": "https://themeforest.net/item/truelysell-service-booking-wordpress-theme/43398124"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b027c9f9-3144-4783-b646-ee1e02cd27ef?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.8.7]"}}], "product": "truelysell_core", "vendor": "dreamstechnologies"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-20T18:49:31.463845+00:00", "value": {"mitigation_remediation": ["Update Truelysell Core to version 1.8.8 or later to apply the vendor fix.", "If an immediate update is not possible, disable new user registration through WordPress settings or remove the registration form from the site until the plugin is updated.", "As a temporary workaround, configure the plugin or use a filter to force the role assigned to new registrations to the lowest level (subscriber).", "Verify that no other plugins or custom code modify the user_role during registration, and consider using a web application firewall rule to block attempts to supply a user_role parameter."], "summary": {"action": "Patch Immediately", "impact": "Privilege Escalation"}, "threat_synthesis": {"affected_systems": "The affected product is the Truelysell Core plugin by DreamTechnologies, used in WordPress installations. Versions equal to or earlier than 1.8.7 are impacted.", "description_and_impact": "The Truelysell Core plugin for WordPress is vulnerable to unauthenticated privilege escalation in versions 1.8.7 and earlier. The flaw arises from insufficient validation of the user_role parameter during user registration, allowing attackers to create new accounts with elevated privileges, including administrator. This vulnerability is classified as CWE\u2011269 and grants an attacker full control over the affected WordPress site.", "risk_and_exploitability": "The CVSS score is 9.8 (Critical), indicating a severe risk. The EPSS score of <1% suggests that widespread exploitation is unlikely at present, and the vulnerability is not listed in CISA KEV. The likely attack vector is a public registration endpoint that accepts a user_role parameter without proper validation. Attackers can target any WordPress site running the vulnerable plugin, creating an account with administrator rights."}}}}, "created": "2026-02-16T12:01:55.726987+00:00", "updated": "2026-04-20T19:00:10.674920+00:00", "vendors": ["dreamstechnologies", "dreamstechnologies$PRODUCT$truelysell_core", "wordpress", "wordpress$PRODUCT$wordpress"]}