CVE-2025-3605

CRITICAL · EXPLOITED · NUCLEI

Frontend Login & Registration Blocks <1.0.7 - Privilege Escalation

Title source: llm

Description

The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.7. The cause is that the plugin does not properly validate a user's identity before updating account details such as the email address via the flr_blocks_user_settings_handle_ajax_callback() function. This makes it possible for unauthenticated attackers to change arbitrary users' email addresses, including those of administrators, and then use the changed address to reset the user's password and gain access to the account.

Exploits (4)

exploitdb · WORKING POC
by Md Shoriful Islam · python · webapps · multiple
https://www.exploit-db.com/exploits/52291
nomisec · WORKING POC · 2 stars
by Nxploited · remote
https://github.com/Nxploited/CVE-2025-3605
nomisec · WORKING POC · 1 star
by GadaLuBau1337 · remote
https://github.com/GadaLuBau1337/CVE-2025-3605
github · WORKING POC
by Boshe99 · python · poc
https://github.com/Boshe99/CVE-Exploits/tree/main/CVE-2025-3605

Nuclei Templates (1)

WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
CRITICAL · VERIFIED · by beginee
FOFA: body="/wp-content/plugins/frontend-login-and-registration-blocks/"

Scores

CVSS v3 9.8
EPSS 0.1273
EPSS Percentile 94.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2025-10-03
CWE
CWE-639
Status published
Products (1)
arkenon/Frontend Login and Registration Blocks < 1.0.7
Published May 09, 2025
Tracked Since Feb 18, 2026