<0.1% probability · 17.0th percentile — 2026-05-12
Affected versions
Directorist Social Login before 2.1.4
Summary
This vulnerability is caused by incorrect privilege assignment in the Directorist Social Login WordPress plugin. It allows attackers to escalate privileges to administrative levels on affected WordPress sites. Successful exploitation grants attackers full unauthorized control over the vulnerable site.
Remediation
Update the Directorist Social Login plugin to version 2.1.4 or newer immediately. After patching, audit all user accounts on the site to remove any unauthorized access granted by prior exploitation of this vulnerability.
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.