CVE-2025-13342 - Vulnerability Details

- Frontend Admin by DynamiApps <= 3.28.20 - Unauthenticated Arbitrary Options Update

Description

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to unauthorized modification of arbitrary WordPress options in all versions up to, and including, 3.28.20. This is due to insufficient capability checks and input validation in the ActionOptions::run() save handler. This makes it possible for unauthenticated attackers to modify critical WordPress options such as users_can_register, default_role, and admin_email via submitting crafted form data to public frontend forms.

Published: 2025-12-03

Score: 9.8 Critical

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The Frontend Admin by DynamiApps plugin contains a flaw that allows unauthenticated users to modify critical WordPress options such as users_can_register, default_role, and admin_email. The weakness arises from missing capability checks and improper input validation in the ActionOptions::run() save handler (CWE‑862). By changing these options, an attacker could alter site registration settings, elevate user privileges, or redirect email traffic to a malicious address, undermining the confidentiality, integrity, and availability of the site.

Affected Systems

All WordPress installations that use Frontend Admin by DynamiApps up to and including version 3.28.20 are affected. The vulnerability is present in all earlier releases and is documented by the plugin vendor shabti.

Risk and Exploitability

This vulnerability can be exploited simply by submitting crafted form data to any public Frontend Admin form, without authentication. Although its EPSS score is below 1%, the CVSS score of 9.8 classifies it as critical. It is not yet listed in the CISA KEV catalog, but the lack of protection against unauthenticated option changes presents a high risk. Attacks would proceed through the public frontend interface, allowing remote modification of site configuration.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

shabti

Frontend Admin by DynamiApps

unaffected

Version	Status	Constraints
`0`	affected	≤ 3.28.20

No data.

Vendor	Product	Confidence	Versions
Dynamiapps	Frontend Admin	—	—
Wordpress	Wordpress	—	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade the Frontend Admin by DynamiApps plugin to the latest version (3.28.21 or newer) to remove the capability checks flaw.
Restrict public access to frontend forms or implement authentication checks to prevent unauthenticated submissions.
Audit and harden WordPress option settings, ensuring critical options such as default_role and admin_email are protected and monitored for unauthorized changes.

Generated by OpenCVE AI on April 21, 2026 at 17:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.0005.

Exploitation none

Automatable yes

Technical Impact total

References

Link	Providers
https://plugins.trac.wordpress.org/changeset/3400432/acf-frontend-form-element
https://www.wordfence.com/threat-intel/vulnerabilities/id/613f2035-3061-429b-b218-83805287e4f3?source=cve

History

Thu, 04 Dec 2025 16:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Dynamiapps Dynamiapps frontend Admin Wordpress Wordpress wordpress
Vendors & Products		Dynamiapps Dynamiapps frontend Admin Wordpress Wordpress wordpress

Wed, 03 Dec 2025 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Wed, 03 Dec 2025 12:45:00 +0000

Type	Values Removed	Values Added
Description		The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to unauthorized modification of arbitrary WordPress options in all versions up to, and including, 3.28.20. This is due to insufficient capability checks and input validation in the ActionOptions::run() save handler. This makes it possible for unauthenticated attackers to modify critical WordPress options such as users_can_register, default_role, and admin_email via submitting crafted form data to public frontend forms.
Title		Frontend Admin by DynamiApps <= 3.28.20 - Unauthenticated Arbitrary Options Update
Weaknesses		CWE-862
References		https://plugins.trac.wordpress.org/changeset/3400432/acf-frontend-form-element https://www.wordfence.com/threat-intel/vulnerabilities/id/613f2035-3061-429b-b218-83805287e4f3?source=cve
Metrics		cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}`

Subscriptions

Dynamiapps Frontend Admin

Wordpress Wordpress

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2025-12-03T12:29:55.422Z

Updated: 2026-04-08T16:56:46.813Z

Reserved: 2025-11-17T23:15:13.995Z

Link: CVE-2025-13342

Vulnrichment

Updated: 2025-12-03T14:00:32.953Z

NVD

Status : Deferred

Published: 2025-12-03T13:16:02.007

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-13342

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-21T18:00:11Z

Weaknesses

CWE-862

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object