CVE-2025-1313

EUVD-2025-21206 | HIGH 8.8 (CVSS 3.1)
Published 2025-07-12 | Source: [email protected]

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline (3 events, newest first)

Analysis Generated: Mar 16, 2026 - 08:56 (vuln.today)
EUVD ID Assigned: Mar 16, 2026 - 08:56 (euvd), EUVD-2025-21206
CVE Published: Jul 12, 2025 - 06:15 (nvd), rated HIGH 8.8

Description

The Nokri - Job Board WordPress Theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.6.3. This is due to the theme not properly validating a user's identity prior to updating their details, such as the email address. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary users' email addresses, including administrators', and leverage that to reset the user's password and gain access to their account.

Analysis

The Nokri - Job Board WordPress Theme contains a high-severity (CVSS 3.1 score 8.8) privilege escalation vulnerability, CVE-2025-1313, affecting all versions up to and including 1.6.3: an authenticated user with the Subscriber role or higher can change the email address of any other account, including administrators, because the profile-update code never verifies that the requester is entitled to modify the target user. Once the administrator's address points at a mailbox the attacker controls, a standard WordPress "Lost your password?" request delivers the reset link to the attacker, who then logs in as the administrator and controls the site (plugin installation, theme file editing, creation of further administrator accounts). The attack needs no user interaction and only a low-privilege account; where the site allows self-registration (the WordPress "Anyone can register" setting, which creates Subscriber accounts by default), any visitor can satisfy that precondition, so the real-world risk to sites running this theme is significant.

Technical Context

The Nokri Job Board WordPress Theme (tracked here as wp:nokri_job_board) is classified under CWE-288 (Authentication Bypass Using an Alternate Path or Channel); in practice the defect is a missing authorization check in the theme's user profile update functionality. The code accepts an authenticated request to change user details, specifically the email address, but does not verify that the requesting account is the account being modified, or otherwise has the right to edit it. This is a classic broken access control flaw: the caller's identity is established by the WordPress session, but it is never compared against the target of the operation. The advisory does not name the vulnerable code path; theme functionality of this kind is usually exposed through admin-ajax.php (wp_ajax_* hooks) or custom REST API routes, and a handler that reads the target user ID from the request and passes it to wp_update_user() without a current_user_can('edit_user', $id) check would produce exactly the described behaviour. WordPress core's own profile screen avoids the problem twice over: it restricts edits to the current user or to callers holding edit_user for the target, and it sends a confirmation request to the new address before applying an email change. A theme handler that writes user_email directly bypasses both safeguards. Site owners should confirm the installed theme version (all versions up to and including 1.6.3 are affected) and look for a patched release from the vendor; until one is applied, exposure is reduced by disabling self-registration and by reviewing recent changes to administrator email addresses.
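The bug class described above, as an added illustration that is not the Nokri theme's code and makes no claim about how the theme is actually written (the hook names, function names and nonce action are hypothetical): a WordPress AJAX profile-update handler that trusts a request-supplied user ID, the hardened form that binds the target to the session and checks the edit_user capability, and a profile_update hook that logs email changes made by someone other than the account owner.

```php
<?php
/**
 * Added illustration for CVE-2025-1313's bug class (hypothetical code,
 * not the Nokri theme's): an authenticated profile-update handler that
 * trusts a caller-supplied user ID, next to a hardened version.
 */

// --- Vulnerable pattern: any logged-in user can retarget the update. ---
function example_update_profile_vulnerable() {
    // The target ID comes straight from the request. A Subscriber sends
    // user_id=1 (usually the first administrator) plus a mailbox they own.
    $user_id = isset( $_POST['user_id'] ) ? (int) $_POST['user_id'] : 0;
    $email   = isset( $_POST['email'] ) ? sanitize_email( wp_unslash( $_POST['email'] ) ) : '';

    // wp_update_user() performs no capability check: it writes whatever it
    // is given, so the administrator's address now belongs to the attacker,
    // and the next password-reset link goes there.
    $result = wp_update_user( array( 'ID' => $user_id, 'user_email' => $email ) );
    if ( is_wp_error( $result ) ) {
        wp_send_json_error( $result->get_error_message() );
    }
    wp_send_json_success();
}
// wp_ajax_* hooks fire only for authenticated callers, which is exactly the
// "Subscriber-level access and above" precondition in the description.
add_action( 'wp_ajax_example_update_profile_vulnerable', 'example_update_profile_vulnerable' );

// --- Hardened pattern: tie the target to the session, check capability and nonce. ---
function example_update_profile_hardened() {
    // CSRF: the form must carry a nonce generated for this action.
    check_ajax_referer( 'example_update_profile', 'nonce' );

    $current = get_current_user_id();
    if ( 0 === $current ) {
        wp_send_json_error( 'not logged in', 401 );
    }

    // Default to the caller's own account; accept another ID only when the
    // caller may edit that user (administrators, under default role mapping).
    $target = isset( $_POST['user_id'] ) ? (int) $_POST['user_id'] : $current;
    if ( $target !== $current && ! current_user_can( 'edit_user', $target ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    $email = isset( $_POST['email'] ) ? sanitize_email( wp_unslash( $_POST['email'] ) ) : '';
    if ( ! is_email( $email ) ) {
        wp_send_json_error( 'invalid email', 400 );
    }
    $owner = email_exists( $email );
    if ( $owner && (int) $owner !== $target ) {
        wp_send_json_error( 'email already in use', 409 );
    }

    $result = wp_update_user( array( 'ID' => $target, 'user_email' => $email ) );
    if ( is_wp_error( $result ) ) {
        wp_send_json_error( $result->get_error_message(), 500 );
    }
    wp_send_json_success();
}
add_action( 'wp_ajax_example_update_profile_hardened', 'example_update_profile_hardened' );

// --- Detection: record email changes where the actor is not the target. ---
// profile_update is a core action that fires after wp_update_user() writes
// the row; $old_user_data is the WP_User object as it was before the change.
add_action( 'profile_update', function ( $user_id, $old_user_data ) {
    $new_user = get_userdata( $user_id );
    if ( ! $new_user || $new_user->user_email === $old_user_data->user_email ) {
        return;
    }
    $actor = get_current_user_id();
    if ( $actor !== (int) $user_id ) {
        error_log( sprintf(
            'user_email of user %d changed by user %d from %s (%s -> %s)',
            $user_id, $actor, $_SERVER['REMOTE_ADDR'] ?? '-',
            $old_user_data->user_email, $new_user->user_email
        ) );
    }
}, 10, 2 );
```

Even the hardened handler lets a user change their own address immediately; WordPress core's profile screen instead queues the change and emails a confirmation link to the new address (send_confirmation_on_profile_email()), which a direct wp_update_user() call skips. Mirroring that confirmation step is the stronger design for any self-service email change. The logging hook is a cheap retrospective check: on an affected site, a log line whose actor is a Subscriber and whose target is an administrator is the fingerprint of this attack.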

Affected Products

Nokri - Job Board WordPress Theme (All versions up to and including 1.6.3)

Priority Score

44 (scale: Low / Medium / High / Critical)
Components: KEV 0, EPSS +0.1, CVSS +44, POC 0


CVE-2025-1313 vulnerability details – vuln.today
