CVE-2025-6038 | Lisfinity Core Plugin up to 1.4.0 on WordPress Password Update privilege escalation

A vulnerability, which was classified as critical, has been found in Lisfinity Core Plugin up to 1.4.0 on WordPress. Affected by this vulnerability is an unknown functionality of the component Password Update Handler. Performing manipulation results in privilege escalation.

This vulnerability is reported as CVE-2025-6038. The attack is possible to be carried out remotely. No exploit exists.VulDB Recent EntriesRead More