CVE-2025-59001

Vulnerability

Overview

The Salient Core plugin for WordPress, versions 3.0.8 and earlier, contains a missing authorization vulnerability. The issue stems from an incorrectly configured access control security level, which fails to properly enforce privilege checks on certain functions. This broken access control allows users without the necessary permissions to perform actions that should require higher privileges [1].

Exploitation

An attacker who does not have the required privileges can exploit this vulnerability by sending crafted requests to the affected plugin endpoints. The attack does not require authentication as an administrator, making it accessible to any authenticated user with minimal access to trigger the flaw. The vulnerability is classified as a broken access control issue, meaning the plugin lacks proper authorization checks or nonce token validation in its functions [1].

Impact

Successful exploitation enables an attacker to perform actions that should be restricted to higher-privileged users, such as administrators. This could include modifying plugin settings, accessing sensitive data, or executing other unauthorized operations within the WordPress installation. The CVSS v3 score of 4.3 (Medium) reflects the limited but real risk of privilege escalation [1].

Mitigation

Mitigation

The vendor has released version 3.0.9 which addresses the vulnerability. Users are strongly advised to update the Salient Core plugin to 3.0.9 or later immediately. For those unable to update, contacting the hosting provider or web developer for assistance is recommended. Patchstack users can enable auto-updates for vulnerable plugins to ensure timely patching [1].