Skip to main content
CVE-2025-10299 HIGH This Week

WPBifröst WordPress plugin through version 1.0.7 allows low-privileged authenticated users to escalate to full administrative access. Subscribers and higher roles can exploit a missing capability check in the ctl_create_link AJAX handler to create new administrator accounts and immediately log in with full site control. With CVSS 8.8 (High) and EPSS data unavailable, severity is driven by the low privilege requirement (PR:L) and complete system compromise (C:H/I:H/A:H). No public exploit identified at time of analysis, and not listed in CISA KEV, but the attack is trivially automatable once an attacker holds any authenticated role.

Authentication Bypass WordPress Privilege Escalation
NVD
CVSS 3.1
8.8
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy