{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-25009", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-01-28T09:51:50.023Z", "datePublished": "2026-03-25T16:14:37.014Z", "dateUpdated": "2026-03-26T16:40:31.877Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "education-zone", "product": "Education Zone", "vendor": "raratheme", "versions": [{"changes": [{"at": "1.3.9", "status": "unaffected"}], "lessThanOrEqual": "<= 1.3.8", "status": "affected", "version": "n/a", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "John P | Patchstack Bug Bounty Program"}], "datePublic": "2026-03-25T17:12:18.056Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Missing Authorization vulnerability in raratheme Education Zone education-zone allows Exploiting Incorrectly Configured Access Control Security Levels.<p>This issue affects Education Zone: from n/a through <= 1.3.8.</p>"}], "value": "Missing Authorization vulnerability in raratheme Education Zone education-zone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Education Zone: from n/a through <= 1.3.8."}], "impacts": [{"capecId": "CAPEC-180", "descriptions": [{"lang": "en", "value": "Exploiting Incorrectly Configured Access Control Security Levels"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-862", "description": "Missing Authorization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-03-25T16:14:37.014Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Theme/education-zone/vulnerability/wordpress-education-zone-theme-1-3-8-broken-access-control-vulnerability?_s_id=cve"}], "title": "WordPress Education Zone theme <= 1.3.8 - Broken Access Control vulnerability"}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-25009", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-26T16:32:22.769007Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T16:40:31.877Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-25009", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-26T16:32:22.769007Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T16:32:23.730Z"}}], "cna": {"title": "WordPress Education Zone theme <= 1.3.8 - Broken Access Control vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "John P | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-180", "descriptions": [{"lang": "en", "value": "Exploiting Incorrectly Configured Access Control Security Levels"}]}], "affected": [{"vendor": "raratheme", "product": "Education Zone", "versions": [{"status": "affected", "changes": [{"at": "1.3.9", "status": "unaffected"}], "version": "n/a", "versionType": "custom", "lessThanOrEqual": "<= 1.3.8"}], "packageName": "education-zone", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "datePublic": "2026-03-25T17:12:18.056Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Theme/education-zone/vulnerability/wordpress-education-zone-theme-1-3-8-broken-access-control-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Missing Authorization vulnerability in raratheme Education Zone education-zone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Education Zone: from n/a through <= 1.3.8.", "supportingMedia": [{"type": "text/html", "value": "Missing Authorization vulnerability in raratheme Education Zone education-zone allows Exploiting Incorrectly Configured Access Control Security Levels.<p>This issue affects Education Zone: from n/a through <= 1.3.8.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "Missing Authorization"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-03-25T16:14:37.014Z"}}}, "cveMetadata": {"cveId": "CVE-2026-25009", "state": "PUBLISHED", "dateUpdated": "2026-03-26T16:40:31.877Z", "dateReserved": "2026-01-28T09:51:50.023Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-03-25T16:14:37.014Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Missing Authorization vulnerability in raratheme Education Zone education-zone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Education Zone: from n/a through <= 1.3.8."}, {"lang": "es", "value": "Vulnerabilidad de autorizaci\u00f3n faltante en raratheme Education Zone education-zone permite la explotaci\u00f3n de niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Education Zone: desde n/a hasta &lt;= 1.3.8."}], "id": "CVE-2026-25009", "lastModified": "2026-03-26T17:16:29.507", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 2.5, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-25T17:16:41.743", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Theme/education-zone/vulnerability/wordpress-education-zone-theme-1-3-8-broken-access-control-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.3.8]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "1.3.9"}}], "enrichment": {"confidence": 98.0, "confidence_source": "matching", "scores": [{"score": 98.0, "source": "matching"}]}, "original": {"product": "Education Zone", "source": "cna", "vendor": "raratheme"}, "product": "education_zone", "vendor": "rarathemes"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-03-25T18:14:44.705810+00:00", "value": {"mitigation_remediation": ["Update the Education Zone theme to a version newer than 1.3.8, preferably the latest stable release.", "If an upgrade is not feasible, deactivate the Education Zone theme or replace it with a secure alternative.", "Revoke any unneeded administrator accounts and review user permissions.", "Monitor the site\u2019s access logs for suspicious activity and apply general WordPress hardening recommendations."], "summary": {"action": "Immediate Patch", "impact": "Unauthorized access via broken access control"}, "threat_synthesis": {"affected_systems": "The impacted product is the Education Zone theme distributed by rraritheme for WordPress. All versions from the earliest release up through 1.3.8 are vulnerable. WordPress installations that currently rely on any of these versions are at risk. No other version numbers or configurations are explicitly listed as unaffected.", "description_and_impact": "WordPress sites that use the rraritheme Education Zone theme version 1.3.8 or earlier are affected by a missing authorization flaw that allows attackers to bypass normal access controls. The flaw permits an unauthenticated or low\u2011privilege user to perform actions that should be restricted, such as modifying site settings, creating new administrators, or accessing protected content. Because the vulnerability resides inside the theme\u2019s code, an attacker can exploit it by simply visiting a crafted URL or interacting with a theme\u2011provided interface. The weakness is categorized as CWE\u2011862, a broken access control.", "risk_and_exploitability": "No EPSS score is available and the vulnerability is not listed in the CISA KEV catalog, so there is limited information about exploitation trends. However, the lack of authorization makes this flaw a high\u2011risk issue, as it can lead to complete compromise of a WordPress site if not patched. The attack path appears to be straightforward via the public web interface or theme\u2011controlled endpoints, with no special environmental conditions mentioned."}}}}, "created": "2026-03-25T21:34:21.573481+00:00", "updated": "2026-03-26T11:39:35.812867+00:00", "vendors": ["rarathemes", "rarathemes$PRODUCT$education_zone", "wordpress", "wordpress$PRODUCT$wordpress"]}