The Digital Security Authority (DSA) wants to bring to your attention a privilege escalation vulnerability affecting the WPC Admin Columns plugin for WordPress.
Technical Details
The WPC Admin Columns plugin for WordPress is vulnerable to privilege escalation in versions 2.0.6 through 2.1.0 inclusive. The plugin's ajax_edit_save() function does not restrict which user meta keys and values a caller may update. Because WordPress stores a user's roles in a user meta entry (the capabilities map), any authenticated user with Subscriber-level access or above can write that entry and grant their own account the administrator role.
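The pattern behind this class of bug, shown as an added illustrative example that is not code from the WPC Admin Columns plugin or from this advisory: an AJAX handler that writes caller-chosen user meta, next to a hardened version. The hook names, meta keys and function names below are assumptions for illustration only.

```php
<?php
// Added illustrative example, not the plugin's code. Hook names, meta keys
// and function names are assumed. Both handlers are registered on the
// wp_ajax_* hook, so only logged-in users reach them; that is the point:
// "logged in" is not "authorised".

// --- Vulnerable pattern: the caller picks the meta key and the value ---
add_action( 'wp_ajax_example_edit_save', 'example_vulnerable_save' );
function example_vulnerable_save() {
    if ( ! is_user_logged_in() ) {
        wp_send_json_error( 'not logged in', 403 );
    }
    $user_id = get_current_user_id();
    $key     = $_POST['meta_key'];   // attacker-controlled
    $value   = $_POST['meta_value']; // attacker-controlled, PHP accepts arrays here

    // A Subscriber can send meta_key=wp_capabilities&meta_value[administrator]=1
    // (assuming the default "wp_" table prefix). WordPress stores the array
    // serialised, and WP_User derives role names from the array keys, so the
    // caller is an administrator on the next request.
    update_user_meta( $user_id, $key, $value );
    wp_send_json_success();
}

// --- Hardened pattern ---
add_action( 'wp_ajax_example_edit_save_safe', 'example_hardened_save' );
function example_hardened_save() {
    global $wpdb;

    // 1. CSRF: the request must carry a nonce created with
    //    wp_create_nonce( 'example_edit_save' ) for this action.
    check_ajax_referer( 'example_edit_save', 'nonce' );

    // 2. Authorisation: require the capability the feature is actually for,
    //    not merely a session.
    if ( ! current_user_can( 'edit_users' ) ) {
        wp_send_json_error( 'insufficient privileges', 403 );
    }

    // 3. Allowlist the meta keys the feature is meant to edit (assumed names).
    $allowed = array( 'example_display_note', 'example_phone' );
    $key     = isset( $_POST['meta_key'] ) ? sanitize_key( wp_unslash( $_POST['meta_key'] ) ) : '';
    if ( ! in_array( $key, $allowed, true ) ) {
        wp_send_json_error( 'meta key not editable', 400 );
    }

    // 4. Belt and braces: never touch the role/capability keys. Their name is
    //    built from the table prefix ($wpdb->prefix . 'capabilities'), so a
    //    hard-coded "wp_capabilities" check would miss non-default prefixes.
    if ( 0 === strpos( $key, $wpdb->prefix ) ) {
        wp_send_json_error( 'protected key', 400 );
    }

    // 5. Scalars only: a nested array is how a role map gets smuggled in.
    if ( ! isset( $_POST['meta_value'] ) || is_array( $_POST['meta_value'] ) ) {
        wp_send_json_error( 'invalid value', 400 );
    }
    $value = sanitize_text_field( wp_unslash( $_POST['meta_value'] ) );

    // 6. Per-target check: may this user edit that user?
    $user_id = isset( $_POST['user_id'] ) ? absint( $_POST['user_id'] ) : 0;
    if ( ! $user_id || ! current_user_can( 'edit_user', $user_id ) ) {
        wp_send_json_error( 'cannot edit this user', 403 );
    }

    update_user_meta( $user_id, $key, $value );
    wp_send_json_success();
}
```

The allowlist in step 3 is the fix that matters; steps 4 and 5 only make the handler fail closed if the allowlist is later loosened. Note that is_protected_meta() would not help here: it only treats keys beginning with an underscore as protected, and the capabilities key has no leading underscore.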
Subscriber is the lowest default WordPress role, so any account that can log in, including one created through open self-registration, is enough to exploit this. An attacker who gains administrative access can fully compromise the site, including:
- Unauthorized changes to site settings
- Installation of malicious plugins or themes (and with them arbitrary PHP execution on the server)
- Creation of further administrator accounts for persistence
- Theft of site data or defacement of the site
Affected Products:
WPC Admin Columns plugin for WordPress, all versions from 2.0.6 through 2.1.0 inclusive:
- 2.0.6 (first affected version)
- 2.1.0 (last affected version)
Recommendations
The Digital Security Authority recommends:
1. Upgrade the WPC Admin Columns plugin to a release later than 2.1.0 as soon as one is available.
2. Audit all user accounts: confirm that every administrator account is one you expect, and review the role of every other account, since any Subscriber-or-higher account could have promoted itself before the upgrade.
3. Add monitoring for role and capability changes, and alert on any newly created or newly promoted administrator account.
4. Use multi-factor authentication for administrator accounts.
5. Regularly review the installed plugins and the functionality they expose, and remove plugins that are no longer needed.
6. If an update is not immediately available, temporarily deactivate the plugin; a deactivated plugin is not loaded, so its AJAX handlers are not registered.
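The audit in step 2 is easy to get wrong if you only look at role names. As an added example, not part of this advisory or of the plugin, the following WP-CLI script checks the effective capability instead. The expected-administrator list and the file name are assumptions; fill the list in from your own records before running it with `wp eval-file audit-admins.php` from the site root.

```php
<?php
// Added audit script, not part of the advisory or the plugin.
// Run from the WordPress root: wp eval-file audit-admins.php
// $expected_admins is an assumption; replace it with your known-good logins.
$expected_admins = array( 'site-owner' );

global $wpdb;
$cap_key  = $wpdb->prefix . 'capabilities'; // the meta entry the bug lets users overwrite
$findings = array();

$users = get_users( array(
    'fields' => array( 'ID', 'user_login', 'user_email', 'user_registered' ),
) );

foreach ( $users as $u ) {
    $caps = get_user_meta( $u->ID, $cap_key, true );
    $caps = is_array( $caps ) ? $caps : array();

    // Check the effective capability rather than the role name: a capability
    // granted directly in the map (e.g. manage_options => true) makes a user
    // an administrator in practice without ever showing up in
    // "wp user list --role=administrator".
    if ( user_can( $u->ID, 'manage_options' ) ) {
        $why = isset( $caps['administrator'] ) ? 'administrator role' : 'direct capability grant';
        if ( ! in_array( $u->user_login, $expected_admins, true ) ) {
            $findings[] = sprintf(
                'UNEXPECTED ADMIN id=%d login=%s email=%s registered=%s (%s) caps=%s',
                $u->ID, $u->user_login, $u->user_email, $u->user_registered, $why, wp_json_encode( $caps )
            );
        }
    }

    // The standard profile screen writes exactly one role name and nothing
    // else into this map. Several roles, or keys that are not role names at
    // all, are the fingerprint of a hand-crafted map and deserve a look.
    $keys  = array_keys( array_filter( $caps ) );
    $extra = array_filter( $keys, function ( $k ) {
        return ! wp_roles()->is_role( $k );
    } );
    if ( count( $keys ) > 1 || ! empty( $extra ) ) {
        $findings[] = sprintf(
            'ODD CAPS         id=%d login=%s caps=%s',
            $u->ID, $u->user_login, wp_json_encode( $caps )
        );
    }
}

if ( ! empty( $findings ) ) {
    WP_CLI::warning( count( $findings ) . ' finding(s)' );
    foreach ( $findings as $f ) {
        WP_CLI::line( $f );
    }
    WP_CLI::halt( 1 );
}
WP_CLI::success( 'No unexpected administrators or capability anomalies.' );
```

For any account the script flags, reset its role with `wp user set-role <login> subscriber` (or delete it), rotate its password, and then look for what the account did while it was an administrator: new plugins, themes, admin users and changed options.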
References
The information presented in this report is based on available data up to the 13th of April 2025.