The Buyent Classified plugin for WordPress (bundled with Buyent theme) is vulnerable to privilege escalation via user registration in all versions up to, and including, 1.0.7. This is due to the plugin not validating or restricting the user role during registration via the REST API endpoint. This makes it possible for unauthenticated attackers to register accounts with arbitrary roles, including administrator, by manipulating the _buyent_classified_user_type parameter during the registration process, granting them complete control over the WordPress site.
Metrics
Affected Vendors & Products
No data.
No data.
No data.
No data.
References
History
Thu, 19 Feb 2026 05:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The Buyent Classified plugin for WordPress (bundled with Buyent theme) is vulnerable to privilege escalation via user registration in all versions up to, and including, 1.0.7. This is due to the plugin not validating or restricting the user role during registration via the REST API endpoint. This makes it possible for unauthenticated attackers to register accounts with arbitrary roles, including administrator, by manipulating the _buyent_classified_user_type parameter during the registration process, granting them complete control over the WordPress site. | |
| Title | Buyent Theme (with Buyent Classified Plugin) <= 1.0.7 - Unauthenticated Privilege Escalation via User Registration | |
| Weaknesses | CWE-269 | |
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Wordfence
Published:
Updated: 2026-02-19T04:36:27.334Z
Reserved: 2025-12-01T20:07:37.511Z
Link: CVE-2025-13851
Vulnrichment
No data.
NVD
No data.
Redhat
No data.
OpenCVE Enrichment
No data.