CVE Alert: CVE-2025-4519 – themeatelier – IDonate – Blood Donation, Request And Donor Management System

CVE-2025-4519

Severity: HIGH. No exploitation known.

The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the idonate_donor_password() function in versions 2.1.5 to 2.1.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to initiate a password reset for any user (including administrators) and elevate their privileges for full site takeover.

CVSS v3.1 score: 8.8
Vendor: themeatelier
Product: IDonate – Blood Donation, Request And Donor Management System
Versions: 2.1.5 to 2.1.9 (inclusive)
CWE: CWE-285 Improper Authorization
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Published: 2025-11-07T04:28:54.561Z
Updated: 2025-11-07T04:28:54.561Z

AI Summary Analysis

Risk verdict

High risk of authenticated privilege escalation enabling full site takeover; patch promptly to prevent potential unauthorised admin access.

Why this matters

Attackers with Subscriber-level access can trigger password resets for any user, including administrators, effectively bypassing authorization. The impact spans confidentiality, integrity and availability, risking data loss, defacement, or manipulation of donor/membership workflows.

Most likely attack path

An authenticated user at Subscriber level or higher exploits the missing authorization check to initiate a password reset for a target account (including admins) via the donor/password routine. No user interaction is required beyond authentication, enabling silent elevation to full control and potential persistence across the site.

Who is most exposed

WordPress sites using the affected donation plugin versions 2.1.5–2.1.9 are at risk, especially where privileged donor roles exist and regular admin accounts are present. Common deployments in managed WordPress hosting or small-to-medium sites with donor management workflows are particularly exposed.

Detection ideas

  • Password reset activity targeted at admin accounts originating from donor module activity.
  • Privilege changes or admin password resets initiated by non-admin users.
  • Unexpected changes to donor management or admin-level settings in plugin logs.
  • Anomalous login sessions or elevated access shortly after donor password actions.
  • Code changes or calls to the donor_password function in plugin audit trails.

Mitigation and prioritisation

  • Update to 2.1.10 or later immediately; if unavailable, mitigate by disabling the plugin.
  • Apply least-privilege access; restrict donor role capabilities related to password management.
  • Implement compensating controls: WAF rules to block anomalous password-reset requests; monitor and alert on donor_password function usage.
  • Verify admin accounts for unexpected password changes and enable MFA where possible.
  • Change-management: plan a targeted patch window; test in staging before production.
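The fix for a CWE-285 bug of this shape is an authorization check before the reset is triggered. The following is an added illustration, not IDonate's own code: a hypothetical WordPress AJAX handler (the names example_donor_password_reset and example_donor_password_nonce are assumed) that refuses to initiate a reset for any account the caller is not permitted to edit, and hands the reset itself to WordPress's own email-link flow.

```php
<?php
// Added illustration (not the IDonate plugin's code): a WordPress AJAX handler
// for "reset a donor's password" with the capability check that CWE-285 says
// was missing. Function and nonce names are hypothetical.

add_action( 'wp_ajax_example_donor_password', 'example_donor_password_reset' );

function example_donor_password_reset() {
    // CSRF protection: the request must carry a valid nonce for this action.
    check_ajax_referer( 'example_donor_password_nonce', 'nonce' );

    $user_id = isset( $_POST['user_id'] ) ? absint( $_POST['user_id'] ) : 0;
    $user    = $user_id ? get_userdata( $user_id ) : false;
    if ( ! $user ) {
        wp_send_json_error( array( 'message' => 'Unknown user.' ), 400 );
    }

    // The authorization check: a Subscriber may reset only their own password;
    // resetting someone else's requires the edit_user meta capability for that
    // specific account, which by default only administrators hold.
    if ( get_current_user_id() !== $user_id && ! current_user_can( 'edit_user', $user_id ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient permissions.' ), 403 );
    }

    // Never set a caller-chosen password here. retrieve_password() (WordPress
    // 5.7+) emails a reset link to the account owner, so the caller cannot
    // learn or choose the new credential.
    $result = retrieve_password( $user->user_login );
    if ( is_wp_error( $result ) ) {
        wp_send_json_error( array( 'message' => $result->get_error_message() ), 500 );
    }

    wp_send_json_success( array( 'message' => 'Password reset email sent.' ) );
}
```

When auditing a plugin for this class of bug, look for every `wp_ajax_*` or REST callback that touches user accounts and confirm it reaches a `current_user_can()` (or equivalent) check before any state change.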
