CVE-2025-4474: Frontend Dashboard 1.0 - 2.2.7 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation via fed_admin_setting_form_function Func...
Description
The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the fed_admin_setting_form_function() function in versions 1.0 to 2.2.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to overwrite the plugin’s 'register' role setting to make new user registrations default to the administrator role, leading to an elevation of privileges to that of an administrator.
Classification
CVE ID: CVE-2025-4474
CVSS Base Severity: HIGH
CVSS Base Score: 8.8
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Problem Types
CWE-285 Improper AuthorizationAffected Products
Vendor: vinoth06
Product: Frontend Dashboard
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.05% (probability of being exploited)
EPSS Percentile: 14.31% (scored less or equal to compared to others)
EPSS Date: 2025-06-06 (when was this score calculated)
References
https://nvd.nist.gov/vuln/detail/CVE-2025-4474https://www.wordfence.com/threat-intel/vulnerabilities/id/fb61159a-e501-4c55-a384-b6049e0f0bc8?source=cve
https://wordpress.org/plugins/frontend-dashboard/#developers
https://plugins.trac.wordpress.org/browser/frontend-dashboard/tags/2.2.7/includes/admin/request/admin.php#L26
https://plugins.trac.wordpress.org/browser/frontend-dashboard/tags/2.2.7/includes/admin/request/tabs/login.php#L14
https://plugins.trac.wordpress.org/changeset/3290623/