Optional Email

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

The Optional Email plugin for WordPress is vulnerable to Privilege Escalation via Account Takeover in all versions up to, and including, 1.3.11. This is due to the plugin not restricting its 'random_password' filter to registration contexts, allowing the filter to affect password reset key generation. This makes it possible for unauthenticated attackers to set a known password reset key when initiating a password reset, reset the password of any user including administrators, and gain access to their accounts.

AI Analysis

Unauthenticated Privilege Escalation to Account Takeover via the 'random_password' filter

Basic Information

ID CVE-2025-15018

Source Wordfence

Published Jan 7, 2026 at 08:21

Affected Product

Vendor djanym

Product Optional Email

Version *

Affected Versions djanym Optional Email *

CWE Classification

CWE-639

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor djanym

Product Optional Email

Version 1.3.11

References

{
    "lastseen": "",
    "description": "The Optional Email plugin for WordPress is vulnerable to Privilege Escalation via Account Takeover in all versions up to, and including, 1.3.11. This is due to the plugin not restricting its 'random_password' filter to registration contexts, allowing the filter to affect password reset key generation. This makes it possible for unauthenticated attackers to set a known password reset key when initiating a password reset, reset the password of any user including administrators, and gain access to their accounts.",
    "published": "2026-01-07T08:21:57.437Z",
    "modified": "2026-01-07T08:21:57.437Z",
    "type": "cve",
    "title": "Optional Email <= 1.3.11 - Unauthenticated Privilege Escalation to Account Takeover",
    "source": "Wordfence",
    "references": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ff4243e9-cf72-40d5-bc7d-204426024a1d?source=cve\nhttps://plugins.trac.wordpress.org/browser/optional-email/tags/1.3.11/optional-email.php?marks=44,51#L44",
    "id": "CVE-2025-15018",
    "bulletinFamily": "",
    "cwe": [
        "CWE-639"
    ],
    "cvelist": null,
    "sourceData": "djanym Optional Email *",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Optional Email",
    "version": "*",
    "vendor": "djanym",
    "ai_description": "Unauthenticated Privilege Escalation to Account Takeover via the 'random_password' filter",
    "ai_severity": "Critical",
    "ai_vendor": "djanym",
    "ai_product": "Optional Email",
    "ai_version": "1.3.11",
    "ai_score": 9.8
}

Optional Email <= 1.3.11 - Unauthenticated Privilege Escalation to Account Takeover_CVE-2025-15018