Description
The Truelysell Core plugin for WordPress is vulnerable to privilege escalation in versions less than, or equal to, 1.8.7. This is due to insufficient validation of the user_role parameter during user registration. This makes it possible for unauthenticated attackers to create accounts with elevated privileges, including administrator access.
Published: 2026-02-14
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation
Action: Patch Immediately
AI Analysis

Impact

The Truelysell Core plugin for WordPress is vulnerable to unauthenticated privilege escalation in versions 1.8.7 and earlier. The flaw arises from insufficient validation of the user_role parameter during user registration, allowing attackers to create new accounts with elevated privileges, including administrator. This vulnerability is classified as CWE‑269 and grants an attacker full control over the affected WordPress site.

Affected Systems

The affected product is the Truelysell Core plugin by DreamTechnologies, used in WordPress installations. Versions equal to or earlier than 1.8.7 are impacted.

Risk and Exploitability

The CVSS score is 9.8 (Critical), indicating a severe risk. The EPSS score of <1% suggests that widespread exploitation is unlikely at present, and the vulnerability is not listed in CISA KEV. The likely attack vector is a public registration endpoint that accepts a user_role parameter without proper validation. Attackers can target any WordPress site running the vulnerable plugin, creating an account with administrator rights.

Generated by OpenCVE AI on April 20, 2026 at 18:49 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Truelysell Core to version 1.8.8 or later to apply the vendor fix.
  • If an immediate update is not possible, disable new user registration through WordPress settings or remove the registration form from the site until the plugin is updated.
  • As a temporary workaround, configure the plugin or use a filter to force the role assigned to new registrations to the lowest level (subscriber).
  • Verify that no other plugins or custom code modify the user_role during registration, and consider using a web application firewall rule to block attempts to supply a user_role parameter.

Generated by OpenCVE AI on April 20, 2026 at 18:49 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 17 Feb 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 16 Feb 2026 12:15:00 +0000

Type Values Removed Values Added
First Time appeared Dreamstechnologies
Dreamstechnologies truelysell Core
Wordpress
Wordpress wordpress
Vendors & Products Dreamstechnologies
Dreamstechnologies truelysell Core
Wordpress
Wordpress wordpress

Sat, 14 Feb 2026 08:30:00 +0000

Type Values Removed Values Added
Description The Truelysell Core plugin for WordPress is vulnerable to privilege escalation in versions less than, or equal to, 1.8.7. This is due to insufficient validation of the user_role parameter during user registration. This makes it possible for unauthenticated attackers to create accounts with elevated privileges, including administrator access.
Title Truelysell Core <= 1.8.7 - Unauthenticated Privilege Escalation via Registration
Weaknesses CWE-269
References
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

Dreamstechnologies Truelysell Core
Wordpress Wordpress
cve-icon MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T17:15:49.406Z

Reserved: 2025-08-04T22:01:31.166Z

Link: CVE-2025-8572

cve-icon Vulnrichment

Updated: 2026-02-17T15:39:47.122Z

cve-icon NVD

Status : Deferred

Published: 2026-02-14T09:16:11.490

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-8572

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-20T19:00:10Z

Weaknesses