Incorrect Privilege Assignment vulnerability in Ben Ritner - Kadence WP Kadence WooCommerce Email Designer allows Privilege Escalation. This issue affects Kadence WooCommerce Email Designer: from n/a through 1.5.16.
Fixes

Solution

Update the WordPress Kadence WooCommerce Email Designer plugin to the latest available version (at least 1.5.17).


Workaround

No workaround given by the vendor.

History

Sat, 16 Aug 2025 21:45:00 +0000

Type Values Removed Values Added
First Time appeared Kadencewp
Kadencewp kadence Woocommerce Email Designer
Wordpress
Wordpress wordpress
Vendors & Products Kadencewp
Kadencewp kadence Woocommerce Email Designer
Wordpress
Wordpress wordpress

Thu, 14 Aug 2025 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 14 Aug 2025 10:45:00 +0000

Type Values Removed Values Added
Description Incorrect Privilege Assignment vulnerability in Ben Ritner - Kadence WP Kadence WooCommerce Email Designer allows Privilege Escalation. This issue affects Kadence WooCommerce Email Designer: from n/a through 1.5.16.
Title WordPress Kadence WooCommerce Email Designer Plugin <= 1.5.16 - Privilege Escalation Vulnerability
Weaknesses CWE-266
References
Metrics cvssV3_1

{'score': 7.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Patchstack

Published:

Updated: 2025-08-14T14:40:50.243Z

Reserved: 2025-07-28T10:56:09.192Z

Link: CVE-2025-54697

cve-icon Vulnrichment

Updated: 2025-08-14T14:22:36.349Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-08-14T11:15:51.410

Modified: 2025-08-14T13:11:53.633

Link: CVE-2025-54697

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-08-16T21:41:28Z