CVE-2025-15018CRITICAL 9.8EPSS p21.4%

CVE-2025-15018CVE-2025-15018

Description

The Optional Email plugin for WordPress is vulnerable to Privilege Escalation via Account Takeover in all versions up to, and including, 1.3.11. This is due to the plugin not restricting its 'random_password' filter to registration contexts, allowing the filter to affect password reset key generation. This makes it possible for unauthenticated attackers to set a known password reset key when initiating a password reset, reset the password of any user including administrators, and gain access to their accounts.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.30% probability of exploitation · percentile 21.4% · 2026-06-18T12:00:27Z
Published2026-01-07
Last modified2026-04-15

Underlying weaknesses· 1

CWE-639

References

  1. https://plugins.trac.wordpress.org/browser/optional-email/tags/1.3.11/optional-email.php?marks=44,51#L44
  2. https://www.wordfence.com/threat-intel/vulnerabilities/id/ff4243e9-cf72-40d5-bc7d-204426024a1d?source=cve

1

TypeTargetConfidenceTier
WeaknessAuthorization Bypass Through User-Controlled Keycwe-6390%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-15001
CVE
CVE-2025-14996
CVE
CVE-2025-5486
CVE
CVE-2025-3746
CVE
CVE-2025-3605
CVE
CVE-2025-15030
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.