CVE-2025-5117

HIGH EPSS 29.1%

Published May 27, 20251y ago · Modified Jun 17, 20261w ago

8.8 CVSS 3.1

High

Published May 27, 2025 1y ago

Last Modified Jun 17, 2026 1w ago

Description

The Property plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the use of the property_package_user_role metadata in versions 1.0.5 to 1.0.6. This makes it possible for authenticated attackers, with Author‐level access and above, to elevate their privileges to that of an administrator by creating a package post whose property_package_user_role is set to administrator and then submitting the PayPal registration form.

CVSS Details

Base Score

8.8

Exploitability

2.8

Impact

5.9

Vector string

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector Network

Attack Complexity Low

Privileges Required Low

User Interaction None

Scope Unchanged

Confidentiality High

Integrity High

Availability High

Threat Intelligence

EPSS Exploit Probability

29.1% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-862 Missing Authorization Authorization

References 5

plugins.trac.wordpress.org https://plugins.trac.wordpress.org/browser/property/tags/1.0.6/admin/pages/payment-inc/paypal-submit.php#L128
plugins.trac.wordpress.org https://plugins.trac.wordpress.org/browser/property/tags/1.0.6/property.php#L1964
plugins.trac.wordpress.org https://plugins.trac.wordpress.org/changeset/3299714/
wordpress.org https://wordpress.org/plugins/property/#developers
wordfence.com https://www.wordfence.com/threat-intel/vulnerabilities/id/df48f7f9-7bc9-4f9b-b9b5-6bfb86309030?source=cve

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.