← back
CVE-2025-49388

WordPress Miraculous Core Plugin Plugin <= 2.0.7 - Privilege Escalation Vulnerability

CVSS 9.8 CRITICALEPSS 5.1%CWE-266
Incorrect Privilege Assignment vulnerability in kamleshyadav Miraculous Core Plugin miraculouscore allows Privilege Escalation.This issue affects Miraculous Core Plugin: from n/a through <= 2.0.7.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
kamleshyadav · Miraculous Core Plugin
public PoCs found1
githubgithub.com/Nxploited/CVE-2025-493881
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://patchstack.com/database/Wordpress/Plugin/miraculouscore/vulnerability/wordpress-miraculous-core-plugin-plugin-2-0-7-privilege-escalation-vulnerability?_s_id=cve