Description
The 'Videospirecore Theme Plugin' plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.6. This is due to the plugin not properly validating a user's identity prior to updating their details like email. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary users' email addresses, including administrators', and leverage that to reset the user's password and gain access to their account.
Published: 2026-02-11
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation via Account Takeover
Action: Patch Now
AI Analysis

Impact

The vulnerability in the Videospirecore Theme Plugin allows an authenticated user with Subscriber-level or higher privileges to change the email address of any other user, including administrators. Because the plugin does not verify the identity of the requester before applying updates to user data, an attacker can alter another user's email address and then trigger a password reset for that user, enabling complete takeover of the target account. This weakness is classified as CWE-639 (Authorization Bypass Through User-Controlled Key): the user identifier supplied in the request is acted on without an adequate privilege check.

Affected Systems

All releases of the Videospirecore Theme Plugin up to and including version 1.0.6 are affected. The plugin’s lack of proper identity verification when updating user details is the root cause.
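As an added illustration (not the Videospirecore plugin's own code, which this page does not show), the following WordPress AJAX handler performs the checks the advisory says are missing: a nonce check against forged requests and a capability check that ties the caller to the account being modified. The action and function names are hypothetical.

```php
<?php
// Hypothetical hardened handler (added example, not the plugin's code).
// Registers an AJAX action for logged-in users that changes a user's email.
add_action( 'wp_ajax_hypothetical_update_email', 'hypothetical_update_email' );

function hypothetical_update_email() {
    // 1. CSRF check: the request must carry a nonce issued to this session.
    check_ajax_referer( 'hypothetical_update_email', 'nonce' );

    $user_id   = isset( $_POST['user_id'] ) ? absint( $_POST['user_id'] ) : 0;
    $new_email = isset( $_POST['email'] )
        ? sanitize_email( wp_unslash( $_POST['email'] ) )
        : '';

    // 2. Authorization: WordPress maps edit_user on the caller's own ID to
    //    basic capabilities, but editing any other account requires
    //    edit_users (administrators by default). Skipping this check is what
    //    lets a Subscriber retarget the update at an administrator (CWE-639).
    if ( 0 === $user_id || ! current_user_can( 'edit_user', $user_id ) ) {
        wp_send_json_error( array( 'message' => 'Not allowed.' ), 403 );
    }

    // 3. Input validation: reject malformed or already-registered addresses.
    if ( ! is_email( $new_email ) ) {
        wp_send_json_error( array( 'message' => 'Invalid email.' ), 400 );
    }
    $owner = email_exists( $new_email ); // user ID or false
    if ( $owner && (int) $owner !== $user_id ) {
        wp_send_json_error( array( 'message' => 'Email already in use.' ), 409 );
    }

    // 4. Apply the change only after every check above has passed.
    $result = wp_update_user( array( 'ID' => $user_id, 'user_email' => $new_email ) );
    if ( is_wp_error( $result ) ) {
        wp_send_json_error( array( 'message' => $result->get_error_message() ), 500 );
    }
    wp_send_json_success( array( 'user_id' => $user_id ) );
}
```

Because the password-reset flow keys off the stored email, the capability check in step 2 is the control that breaks the email-change-then-reset chain described above.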

Risk and Exploitability

The CVSS score of 8.8 indicates high severity, while the EPSS score below 1% suggests a low current probability of exploitation. The vulnerability is not listed in the CISA KEV catalog, but it still poses a serious risk because an authenticated Subscriber-level user can leverage it to compromise administrator accounts. Once the attacker holds a subscriber account, the exploit path (changing another user's email address, then resetting that user's password) is straightforward and can lead to full site control.

Generated by OpenCVE AI on April 21, 2026 at 00:15 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the Videospirecore Theme Plugin to the latest version that addresses the identity verification flaw.
  • If an immediate update is not possible, remove the capability that allows subscribers to change other users’ email addresses or reduce their privileges to prevent the exploit.
  • Audit user roles on the site and confirm that only administrators retain permission to modify user email addresses; monitor for unusual password reset activity.

Advisories

No advisories yet.

History

Wed, 11 Feb 2026 22:15:00 +0000

Type                 Values Removed   Values Added
First Time appeared                   Kamleshyadav
                                      Kamleshyadav videospirecore Theme Plugin
                                      Wordpress
                                      Wordpress wordpress
Vendors & Products                    Kamleshyadav
                                      Kamleshyadav videospirecore Theme Plugin
                                      Wordpress
                                      Wordpress wordpress

Wed, 11 Feb 2026 16:15:00 +0000

Type                 Values Removed   Values Added
Metrics                               ssvc
                                      {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 11 Feb 2026 10:00:00 +0000

Type                 Values Removed   Values Added
Description                           The 'Videospirecore Theme Plugin' plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.6. This is due to the plugin not properly validating a user's identity prior to updating their details like email. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access to their account.
Title                                 Videospirecore Theme Plugin <= 1.0.6 - Authenticated (Subscriber+) Privilege Escalation via User Email Change/Account Takeover
Weaknesses                            CWE-639
References
Metrics                               cvssV3_1
                                      {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T17:19:22.736Z

Reserved: 2025-12-25T15:05:00.627Z

Link: CVE-2025-15096

Vulnrichment

Updated: 2026-02-11T15:19:58.368Z

NVD

Status: Deferred

Published: 2026-02-11T10:15:49.970

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-15096

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-21T00:30:22Z

Weaknesses