Doctreat Core

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

The Doctreat Core plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.6.8. This is due to the doctreat_process_registration() function not properly restricting the roles that a user can register with. This makes it possible for unauthenticated attackers to register as an administrator user.

AI Analysis

Unauthenticated Privilege Escalation vulnerability in Doctreat Core plugin for WordPress due to improper role restriction in the registration process

Basic Information

ID CVE-2025-6254

Source Wordfence

Published Jun 10, 2026 at 08:28

Affected Product

Vendor AmentoTech

Product Doctreat Core

Affected Versions AmentoTech Doctreat Core 0

CWE Classification

CWE-269

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor AmentoTech

Product Doctreat Core

Version <= 1.6.8

References

{
    "lastseen": "",
    "description": "The Doctreat Core plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.6.8. This is due to the doctreat_process_registration() function not properly restricting the roles that a user can register with. This makes it possible for unauthenticated attackers to register as an administrator user.",
    "published": "2026-06-10T08:28:20.052Z",
    "modified": "2026-06-10T08:28:20.052Z",
    "type": "cve",
    "title": "Doctreat Core <= 1.6.8 - Unauthenticated Privilege Escalation",
    "source": "Wordfence",
    "references": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5fa37909-932c-4879-bbf0-8b44cc995cc0?source=cve\nhttps://themeforest.net/item/doctreat-doctors-directory-wordpress-theme/24867777",
    "id": "CVE-2025-6254",
    "bulletinFamily": "",
    "cwe": [
        "CWE-269"
    ],
    "cvelist": null,
    "sourceData": "AmentoTech Doctreat Core 0",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Doctreat Core",
    "version": "0",
    "vendor": "AmentoTech",
    "ai_description": "Unauthenticated Privilege Escalation vulnerability in Doctreat Core plugin for WordPress due to improper role restriction in the registration process",
    "ai_severity": "Critical",
    "ai_vendor": "AmentoTech",
    "ai_product": "Doctreat Core",
    "ai_version": "<= 1.6.8",
    "ai_score": 9.8
}

Doctreat Core <= 1.6.8 - Unauthenticated Privilege Escalation_CVE-2025-6254