Severity by source
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionCVE.org
Authentication Bypass Using an Alternate Path or Channel vulnerability in Themepaste Admin Safety Guard allows Password Recovery Exploitation.This issue affects Admin Safety Guard: from n/a through 1.2.6.
AnalysisAI
The Admin Safety Guard WordPress plugin versions through 1.2.6 contains an authentication bypass vulnerability that allows attackers to exploit password recovery mechanisms through alternate paths or channels. Attackers can remotely compromise administrator accounts without authentication, leading to complete site takeover. The vulnerability has a CVSS score of 8.1 (High) with high attack complexity, though no EPSS data or KEV listing indicates limited observed exploitation to date.
Technical ContextAI
This vulnerability affects the Admin Safety Guard WordPress plugin developed by Themepaste, specifically targeting versions up to and including 1.2.6 as identified by CPE cpe:2.3:a:themepaste:admin_safety_guard:*:*:*:*:*:*:*:*. The root cause is classified as CWE-288 (Authentication Bypass Using an Alternate Path or Channel), which occurs when an application provides multiple authentication paths or channels but fails to properly secure alternative mechanisms. In this case, the password recovery functionality appears to implement an insecure alternate authentication channel that can be exploited to gain unauthorized access without proper credential validation. This represents a fundamental flaw in the security architecture where security controls can be circumvented by accessing the system through an unprotected or poorly protected route.
RemediationAI
Users of Admin Safety Guard should immediately upgrade to a version newer than 1.2.6 if available from the plugin developer Themepaste. Consult the Patchstack advisory at https://patchstack.com/database/wordpress/plugin/admin-safety-guard/vulnerability/wordpress-admin-safety-guard-plugin-1-2-2-broken-authentication-vulnerability?_s_id=cve for specific patch guidance and version recommendations. If an updated version is not available or patching cannot be performed immediately, consider temporarily disabling the Admin Safety Guard plugin and implementing alternative WordPress security hardening measures such as enforcing strong password policies, implementing two-factor authentication through alternative plugins, limiting login attempts, and restricting administrative access to trusted IP addresses via server-level firewall rules or WordPress security plugins. Monitor WordPress admin login logs for suspicious password recovery attempts during the interim period.
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-13063