CRITICAL🇵🇱 Wersja polska

CVE-2025-13390

CVSS 10.0v3.1pub. 2025-12-03upd. 2025-12-16

The WP Directory Kit plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.4.4 due to incorrect implementation of the authentication algorithm in the "wdk_generate_auto_login_link" function. This is due to the feature using a cryptographically weak token generation mechanism. This makes it possible for unauthenticated attackers to gain administrative access and achieve full site takeover via the auto-login endpoint with a predictable token.

🤖 AI Analysis
How it works

The vulnerability results from improper implementation of the authentication algorithm in the 'wdk_generate_auto_login_link' function. The token generation mechanism used by this function is cryptographically weak, making the generated tokens predictable. An unauthenticated attacker can calculate or guess the correct token and then use the auto-login endpoint to log in as an administrator — without knowing the password or any credentials.

Impact

An attacker without any permissions can gain full administrative access to the WordPress site and take complete control over it, including modifying content, installing malicious plugins, stealing user data, or deploying backdoors.

Mitigation & patch

The WP Directory Kit plugin must be immediately updated to a version higher than 1.4.4. A patch is available in the plugin repository (changeset 3400599). If immediate update is not possible, consider temporarily disabling the plugin.

Who is affected

The WP Directory Kit plugin for WordPress in all versions up to and including 1.4.4.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Wpdirectorykit Wp Directory Kit

    APP
    Wpdirectorykit
    ≤ 1.4.4
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2023-2278CRITICAL9.8ten sam produkt

The WP Directory Kit plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and includi...

CVE-2024-37487HIGH7.1ten sam produkt

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in w...

CVE-2024-3217HIGH8.8ten sam produkt

The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'attribute_value' and 'attrib...

CVE-2024-29774HIGH7.1ten sam produkt

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WpDirect...

CVE-2023-41875MEDIUM5.3ten sam produkt

Missing Authorization vulnerability in wpdirectorykit.com WP Directory Kit allows Exploiting Incorrectly Confi...