CVE-2025-2238 - Vulnerability Details

- Vikinger <= 1.9.30 - Authenticated (Subscriber+) Privilege Escalation via 'vikinger_user_meta_update_ajax'

Description

The Vikinger theme for WordPress is vulnerable to privilege in all versions up to, and including, 1.9.30. This is due to insufficient user_meta restrictions in the 'vikinger_user_meta_update_ajax' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to escalate their privileges to Administrator-level.

Published: 2025-04-25

Score: 8.8 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The Vikinger WordPress theme contains a flaw in the vikinger_user_meta_update_ajax function that fails to properly restrict user meta updates, which is a vulnerability classified as CWE‑269 (Privilege Validation Required). As a result, any authenticated user with Subscriber level access or higher can bypass normal role checks and gain Administrator privileges. This elevation can lead to complete control over the site, including the ability to install plugins, alter settings, and access sensitive information.

Affected Systems

Vendors: Odin_Design. Product: Vikinger theme for WordPress. Versions affected: all releases up to and including 1.9.30. Users running these versions may be vulnerable if an attacker can authenticate as a Subscriber or higher role.

Risk and Exploitability

The CVSS score of 8.8 indicates a high severity exposure, while an EPSS score of <1% suggests low current exploitation probability. The vulnerability is not listed in the CISA KEV catalog. Attackers need only valid user credentials with Subscriber or higher role to trigger the exploit, making it an authenticated privilege escalation rather than a remote code execution.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Odin_Design

Vikinger

unaffected

Version	Status	Constraints
`0`	affected	≤ 1.9.30

No data.

Vendor	Product	Confidence	Versions
Wordpress	Wordpress	—	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Update the Vikinger theme to a version newer than 1.9.30 that contains the fix for the ajax handler.
If a quick theme upgrade is not possible, modify or disable the vikinger_user_meta_update_ajax handler so that only users with Administrator capability can execute it. This can be achieved by adding an access check that rejects non-admin requests.
Deploy a web application firewall rule that blocks or alerts on calls to the vikinger_user_meta_update_ajax endpoint from roles below Administrator to mitigate the risk while a patch is applied.

Generated by OpenCVE AI on April 22, 2026 at 01:38 UTC.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2025-12389	The Vikinger theme for WordPress is vulnerable to privilege in all versions up to, and including, 1.9.30. This is due to insufficient user_meta restrictions in the 'vikinger_user_meta_update_ajax' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to escalate their privileges to Administrator-level.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00255.

Exploitation none

Automatable no

Technical Impact total

References

Link	Providers
https://themeforest.net/item/vikinger-buddypress-and-gamipress-social-community/28612259
https://www.wordfence.com/threat-intel/vulnerabilities/id/9e0cba5b-5833-4c02-ac17-830994b0f207?source=cve

History

Fri, 25 Apr 2025 16:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Fri, 25 Apr 2025 07:00:00 +0000

Type	Values Removed	Values Added
Description		The Vikinger theme for WordPress is vulnerable to privilege in all versions up to, and including, 1.9.30. This is due to insufficient user_meta restrictions in the 'vikinger_user_meta_update_ajax' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to escalate their privileges to Administrator-level.
Title		Vikinger <= 1.9.30 - Authenticated (Subscriber+) Privilege Escalation via 'vikinger_user_meta_update_ajax'
Weaknesses		CWE-269
References		https://themeforest.net/item/vikinger-buddypress-and-gamipress-social-community/28612259 https://www.wordfence.com/threat-intel/vulnerabilities/id/9e0cba5b-5833-4c02-ac17-830994b0f207?source=cve
Metrics		cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}`

Subscriptions

Wordpress Wordpress

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2025-04-25T06:45:28.836Z

Updated: 2026-04-08T17:11:41.212Z

Reserved: 2025-03-11T23:50:47.122Z

Link: CVE-2025-2238

Vulnrichment

Updated: 2025-04-25T15:38:50.453Z

NVD

Status : Deferred

Published: 2025-04-25T07:15:47.523

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-2238

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-22T01:45:05Z

Weaknesses

CWE-269

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object