CVE-2025-13563
📋 TL;DR
This vulnerability allows unauthenticated attackers to register as administrators on WordPress sites using the Lizza LMS Pro plugin. All WordPress sites running Lizza LMS Pro version 1.0.3 or earlier are affected. Attackers can gain full administrative control without any authentication.
💻 Affected Systems
- Lizza LMS Pro WordPress Plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete site takeover - attackers gain administrator access, can install backdoors, steal data, deface the site, or use the site for further attacks.
Likely Case
Site compromise leading to data theft, malware injection, or use as part of a botnet. Most attackers will exploit this for immediate administrative access.
If Mitigated
Limited impact if plugin is disabled or removed, but any existing compromised accounts would need remediation.
🎯 Exploit Status
Exploitation requires sending a specially crafted registration request. No authentication or special skills needed.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.0.4 or later
Vendor Advisory: https://themeforest.net/item/lizza-lms-education-wordpress-theme/51057780
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Navigate to Plugins → Installed Plugins. 3. Find Lizza LMS Pro plugin. 4. Click 'Update Now' if update available. 5. If no update available, disable plugin immediately.
🔧 Temporary Workarounds
Disable Lizza LMS Pro Plugin
allImmediately disable the vulnerable plugin to prevent exploitation
wp plugin deactivate lizza-lms-pro
Restrict User Registration
allDisable user registration in WordPress settings if not required
wp option update users_can_register 0
🧯 If You Can't Patch
- Disable the Lizza LMS Pro plugin immediately
- Implement web application firewall rules to block registration requests with administrator role parameter
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin → Plugins → Installed Plugins for Lizza LMS Pro version 1.0.3 or earlierCheck Version:
wp plugin get lizza-lms-pro --field=versionVerify Fix Applied:
Verify plugin version is 1.0.4 or later, or plugin is disabled📡 Detection & Monitoring
Log Indicators:
- Unusual user registrations with administrator role
- Multiple failed registration attempts
- New administrator accounts from unexpected IPs
Network Indicators:
- HTTP POST requests to registration endpoints with 'administrator' role parameter
- Unusual spikes in registration traffic
SIEM Query:
source="wordpress" AND (event="user_registration" AND role="administrator") OR (url_path="/wp-admin/admin-ajax.php" AND post_data CONTAINS "administrator")