{"id":49270,"date":"2025-06-06T07:34:50","date_gmt":"2025-06-06T07:34:50","guid":{"rendered":""},"modified":"2025-07-10T05:55:44","modified_gmt":"2025-07-10T11:55:44","slug":"cve-2025-4607-privilege-escalation-vulnerability-in-psw-front-end-login-registration-plugin-for-wordpress","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-4607-privilege-escalation-vulnerability-in-psw-front-end-login-registration-plugin-for-wordpress\/","title":{"rendered":"CVE-2025-4607: Privilege Escalation Vulnerability in PSW Front-end Login & Registration Plugin for WordPress<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

The ubiquity of WordPress as a content management system has made it a prime target for cyber-attacks. The CVE-2025-4607 vulnerability is a critical security flaw found in the PSW Front-end Login & Registration Plugin for WordPress. This vulnerability affects all versions of the plugin<\/a> up to and including version 1.12. The consequence of this vulnerability is that it allows for privilege escalation<\/a>, potentially leading to a full system compromise or data leakage. Understanding this vulnerability, its impact, and how to mitigate it is of paramount importance to anyone using the PSW Front-end Login & Registration Plugin for WordPress<\/a>.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-4607
\nSeverity: Critical (9.8)
\nAttack Vector: Network
\nPrivileges Required: None
\nUser Interaction: None
\nImpact: Full system compromise or data leakage<\/a><\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n