CVE-2025-0316 - Vulnerability Details

- WP Directorybox Manager <= 2.5 - Authentication Bypass

Description

The WP Directorybox Manager plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.5. This is due to incorrect authentication in the 'wp_dp_enquiry_agent_contact_form_submit_callback' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username.

Published: 2025-02-08

Score: 9.8 Critical

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The WP Directorybox Manager plugin contains a flaw in the wp_dp_enquiry_agent_contact_form_submit_callback function that allows an attacker to authenticate as any existing user by simply supplying a valid username. This weakness enables unauthorized access to site accounts and any privileges associated with them, including administrator rights if the target username is known. The vulnerability is a classic Authentication Bypass (CWE-288) and can lead to full control of the WordPress installation.

Affected Systems

The issue affects the Chimpstudio WP Directorybox Manager plugin for WordPress, version 2.5 and earlier. Site owners using any of these versions are at risk.

Risk and Exploitability

The CVSS v3.1 score of 9.8 indicates Critical severity. The EPSS score of less than 1% suggests current exploitation probability is low but not zero, so the threat is present but uncommon. The vulnerability is not listed in the CISA KEV catalog. Attacks would most likely originate from remote clients that can submit the vulnerable contact form, four steps: reach the form endpoint, provide a known username, trigger the callback, and obtain a valid authentication cookie. No special privileges or network access are required beyond being able to send an HTTP request.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Chimpstudio

WP Directorybox Manager

unaffected

Version	Status	Constraints
`0`	affected	≤ 2.5

No data.

Vendor	Product	Confidence	Versions
Wordpress	Wordpress	—	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Update WP Directorybox Manager to the latest version, at least 2.6, to eliminate the unauthenticated access flaw.
Revoke and immediately regenerate usernames, passwords, and API tokens for all user accounts, especially administrators, to mitigate potential credential compromise.
Modify or disable the wp_dp_enquiry_agent_contact_form_submit_callback endpoint by adding an authentication check or replacing it with a secure alternative that requires a logged‑in user or CAPTCHA verification.

Generated by OpenCVE AI on April 28, 2026 at 03:43 UTC.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2025-1600	The WP Directorybox Manager plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.5. This is due to incorrect authentication in the 'wp_dp_enquiry_agent_contact_form_submit_callback' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00159.

Exploitation none

Automatable yes

Technical Impact total

References

Link	Providers
https://themeforest.net/item/directory-multipurpose-wordpress-theme/10480929
https://www.wordfence.com/threat-intel/vulnerabilities/id/3ee1f412-7555-4dec-ba59-49412471a42f?source=cve

History

Wed, 12 Feb 2025 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Sat, 08 Feb 2025 21:30:00 +0000

Type	Values Removed	Values Added
Description		The WP Directorybox Manager plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.5. This is due to incorrect authentication in the 'wp_dp_enquiry_agent_contact_form_submit_callback' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username.
Title		WP Directorybox Manager <= 2.5 - Authentication Bypass
Weaknesses		CWE-288
References		https://themeforest.net/item/directory-multipurpose-wordpress-theme/10480929 https://www.wordfence.com/threat-intel/vulnerabilities/id/3ee1f412-7555-4dec-ba59-49412471a42f?source=cve
Metrics		cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}`

Subscriptions

Wordpress Wordpress

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2025-02-08T21:20:58.901Z

Updated: 2026-04-08T16:48:05.213Z

Reserved: 2025-01-07T18:43:54.464Z

Link: CVE-2025-0316

Vulnrichment

Updated: 2025-02-12T20:46:27.687Z

NVD

Status : Deferred

Published: 2025-02-08T22:15:28.477

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-0316

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T03:45:20Z

Weaknesses

CWE-288

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object