The Doccure theme for WordPress is vulnerable to Arbitrary User Password Change in versions up to, and including, 1.4.8. This is due to the plugin pro

WORDPRESS

09-09-2025 14:16

CVE-2025-9114 Vulnerabilidad documentada

Sin puntuación

Tags

#wordpress

#plugin

#source

#change

#admin

#attackers

#authenticated

#bypass

#arbitrary

#vulnerable

#pass

#password

#attack

#access

Descripción

The Doccure theme for WordPress is vulnerable to Arbitrary User Password Change in versions up to, and including, 1.4.8. This due the plugin providing user-controlled access objects, letting a user bypass authorization system resources. makes it possible unauthenticated attackers change passwords potentially take over administrator accounts.

https://themeforest.net/item/doccure-medical-wordpress-theme/34329202

https://www.wordfence.com/threat-intel/vulnerabilities/id/8f8b1d8f-b2b6-415c-91f2-e5b98048258d?source=cve

Referencia

Link externo

Ver detalles

Fuente

https://nvd.nist.gov/vuln/detail/CVE-2025-9114

Resultados similares

Coincidentes en almenos en 50% de los tags

09-09-2025 CVE-2025-9113
The Doccure theme for WordPress is vulnerable to arbitrary file uploads due to missing file typ...
Ver información

09-09-2025 CVE-2025-9112
The Doccure theme for WordPress is vulnerable to arbitrary file uploads due to incorrect file t...
Ver información