CVE Alert: CVE-2025-8425 – mythemeshop – My WP Translate

CVE-2025-8425

Severity: HIGH. No exploitation known.

The My WP Translate plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the ajax_import_strings() function in all versions up to, and including, 1.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.

CVSS v3.1 (8.8)
Vendor
mythemeshop
Product
My WP Translate
Versions
* <= 1.1 (all versions up to and including 1.1)
CWE
CWE-862 Missing Authorization
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Published
2025-09-11T07:25:02.207Z
Updated
2025-09-11T07:25:02.207Z

AI Summary Analysis

Risk verdict

High risk; patch promptly, since authenticated users at Subscriber level and above can modify arbitrary options and escalate privileges. No explicit exploitation indicators are provided in the data.

Why this matters

Compromise allows an attacker to alter site settings, including enabling administrator-level registration, which can grant full control over the WordPress installation. In practice, this enables data modification, user account takeovers, and persistence with elevated access, posing substantial business disruption and reputational risk.

Most likely attack path

An attacker with Subscriber-level access can exploit the missing capability check in the AJAX handler (ajax_import_strings) to update arbitrary options without any UI interaction. The CVSS metrics indicate remote, low-complexity access with no user interaction and only low privileges required (any authenticated account); the impact on confidentiality, integrity and availability is rated high. In effect, exploitation can occur over the network via the plugin's AJAX endpoint and could culminate in escalation to administrator rights.

Who is most exposed

Sites running My WP Translate <= 1.1, with registered users and enabled user registrations, are most at risk. Deployments on public WordPress instances with accessible admin-ajax endpoints and active subscriber accounts amplify exposure.

Detection ideas

  • Unexpected changes to site options via admin-ajax.php tied to the plugin.
  • New or elevated-privilege user accounts (e.g., administrator) or changes to default registration settings.
  • Anomalous calls to ajax_import_strings without corresponding UI activity.
  • Logs showing authenticated low-privilege accounts (e.g., Subscriber) performing high-privilege option updates.

Mitigation and prioritisation

  • Apply vendor patch or upgrade to the latest version; verify patch applicability.
  • Temporarily disable the plugin if no fix is available; restrict user registrations.
  • Enforce strict role checks and minimum required privileges; review and revoke excess admin rights.
  • Strengthen overall authentication and add MFA for admin accounts; monitor for anomalous admin-related activity.
  • Quarantine and backup prior to patching; test in a staging environment before production.
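For plugin developers, the defect class behind this advisory is an AJAX handler that any logged-in user can reach and that writes whatever option it is told to. The following is an added, hypothetical example (not the My WP Translate plugin's actual code): a handler showing the missing-check pattern and, beside it, a hardened form with a capability check, a nonce check and a fixed option name. Function names, hook names, the `demo_` prefix and the request parameters are assumptions; the WordPress API calls are real.

```php
<?php
// Added illustrative example, not the plugin's code. Assumes the WordPress
// plugin API (add_action, current_user_can, check_ajax_referer, update_option).

// Pattern described in the advisory: wp_ajax_{action} fires for every
// authenticated role, including Subscriber, and nothing here verifies that
// the caller may change site options or restricts which option is written.
add_action( 'wp_ajax_demo_import_strings_unchecked', 'demo_import_strings_unchecked' );
function demo_import_strings_unchecked() {
    // Missing: current_user_can() and nonce check; option name comes from the client.
    $option = sanitize_text_field( wp_unslash( $_POST['option'] ?? '' ) );
    $value  = wp_unslash( $_POST['value'] ?? '' );
    update_option( $option, $value );
    wp_send_json_success();
}

// Hardened form: authorization first, then CSRF protection, then a payload
// that can only ever land in one plugin-specific option.
add_action( 'wp_ajax_demo_import_strings', 'demo_import_strings_hardened' );
function demo_import_strings_hardened() {
    // 1. Capability check: only users allowed to manage site options proceed.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'insufficient_permissions', 403 );
    }

    // 2. Nonce check: token issued with wp_create_nonce( 'demo_import_strings' )
    //    and sent as the 'nonce' request field; dies on mismatch.
    check_ajax_referer( 'demo_import_strings', 'nonce' );

    // 3. The client never chooses the option name. Validate the payload shape
    //    and sanitize every key and string before storing.
    $decoded = json_decode( wp_unslash( $_POST['strings'] ?? '' ), true );
    if ( ! is_array( $decoded ) ) {
        wp_send_json_error( 'invalid_payload', 400 );
    }
    $clean = array();
    foreach ( $decoded as $key => $text ) {
        $clean[ sanitize_key( $key ) ] = sanitize_text_field( (string) $text );
    }
    update_option( 'demo_translate_strings', $clean, false );
    wp_send_json_success( array( 'imported' => count( $clean ) ) );
}
```

The capability check is the fix for the CWE-862 finding itself; the nonce and fixed option name close the related CSRF and arbitrary-write paths that an unchecked update_option() call leaves open.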
