This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: Unauthenticated Privilege Escalation in Profitori Plugin. <br>π₯ **Consequences**: Attackers can escalate existing user privileges or create new admin accounts without any login.β¦
π **Hackers Can**: <br>1. Escalate privileges of **existing users** to Admin. <br>2. Create **new admin accounts**. <br>3. Gain full control over the WordPress site data and configuration.
π **Public Exploit**: **YES**. <br>π **PoC Available**: GitHub repository `Nxploited/CVE-2025-4631` provides a working exploit script. <br>β οΈ **Status**: Wild exploitation is possible immediately.
Q7How to self-check? (Features/Scanning)
π **Self-Check**: <br>1. Check WordPress Plugins list for **Profitori**. <br>2. Verify version is between **2.0.6.0** and **2.1.1.3**. <br>3. Scan for the endpoint `/wp-json/stocktend/v1/stocktend_object`.
Q8Is it fixed officially? (Patch/Mitigation)
π‘οΈ **Official Fix**: **YES**. <br>π **Patch**: Update to version **2.1.1.3** or later (as 2.1.1.3 is the upper bound of the vulnerable range, check for newer releases).β¦
π§ **No Patch Workaround**: <br>1. **Block Access**: Restrict access to `/wp-json/stocktend/v1/stocktend_object` via WAF or firewall. <br>2. **Disable Plugin**: Temporarily deactivate Profitori if not critical. <br>3.β¦
π₯ **Urgency**: **CRITICAL / IMMEDIATE**. <br>β³ **Priority**: **P0**. <br>π‘ **Reason**: Unauthenticated, high CVSS (9.8), public PoC available. Patch immediately to prevent full site compromise.