CVE-2023-1874

HIGH

WP Data Access <5.3.7 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-1874. PoCs published by thomas-osgood.

AI-analyzed exploit summary This repository contains a Python-based exploit for CVE-2023-1874, a privilege escalation vulnerability in the WP Data Access WordPress plugin. The exploit automates the process of logging in as a low-privileged user and escalating privileges by manipulating the `wpda_role[]` parameter during a profile update.

Description

The WP Data Access plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.3.7. This is due to a lack of authorization checks on the multiple_roles_update function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the 'wpda_role[]' parameter during a profile update. This requires the 'Enable role management' setting to be enabled for the site.

Exploits (1)

nomisec WORKING POC

by thomas-osgood · poc

https://github.com/thomas-osgood/cve-2023-1874

View Code ZIP pw:eip

This repository contains a Python-based exploit for CVE-2023-1874, a privilege escalation vulnerability in the WP Data Access WordPress plugin. The exploit automates the process of logging in as a low-privileged user and escalating privileges by manipulating the `wpda_role[]` parameter during a profile update.

Classification

Working Poc 95%

Attack Type

Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: WP Data Access plugin for WordPress (versions up to and including 5.3.7)

Auth required

Prerequisites: Valid WordPress credentials (even low-privileged) · WP Data Access plugin installed and configured with 'Enable role management' setting enabled

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →