CVE-2025-6325
📋 TL;DR
This vulnerability allows attackers to escalate privileges in WordPress sites using the King Addons for Elementor plugin. Attackers can gain administrative access without proper authentication. All WordPress sites running vulnerable versions of this plugin are affected.
💻 Affected Systems
- King Addons for Elementor WordPress Plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete site takeover where attackers gain full administrative control, can install backdoors, steal data, deface the site, or use it for further attacks.
Likely Case
Attackers gain administrative access to compromise the WordPress site, potentially installing malicious plugins/themes or stealing sensitive information.
If Mitigated
Limited impact if proper access controls, monitoring, and network segmentation are in place to detect and contain privilege escalation attempts.
🎯 Exploit Status
Privilege escalation vulnerabilities in WordPress plugins are frequently exploited in the wild. The high CVSS score suggests exploitation is straightforward.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Version 51.1.37 or later
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Navigate to Plugins → Installed Plugins. 3. Find 'King Addons for Elementor'. 4. Click 'Update Now' if available. 5. Alternatively, download version 51.1.37+ from WordPress repository and manually update.
🔧 Temporary Workarounds
Disable vulnerable plugin
allTemporarily deactivate the King Addons plugin until patched
wp plugin deactivate king-addons
Restrict plugin access
allUse web application firewall to block access to plugin files
🧯 If You Can't Patch
- Remove the King Addons plugin completely if not essential
- Implement strict access controls and monitor for suspicious admin user creation
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel → Plugins → King Addons for Elementor → Version numberCheck Version:
wp plugin get king-addons --field=versionVerify Fix Applied:
Verify plugin version is 51.1.37 or higher in WordPress admin📡 Detection & Monitoring
Log Indicators:
- Unexpected admin user creation
- Multiple failed login attempts followed by successful admin login
- Plugin file modification alerts
Network Indicators:
- Unusual POST requests to wp-admin/admin-ajax.php or plugin-specific endpoints
SIEM Query:
source="wordpress" AND (event="user_registered" AND user_role="administrator") OR (event="plugin_updated" AND plugin_name="king-addons")