CVE-2025-13390

Description

The WP Directory Kit plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.4.4 due to incorrect implementation of the authentication algorithm in the "wdk_generate_auto_login_link" function. This is due to the feature using a cryptographically weak token generation mechanism. This makes it possible for unauthenticated attackers to gain administrative access and achieve full site takeover via the auto-login endpoint with a predictable token.

CVSS v3.1 Score

10.0

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Weakness Type (CWE)

CWE-303 CWE-303

Affected Products

Vendor	Product	Versions
wpdirectorykit	wp_directory_kit	< 1.4.4

References

Advisories & Patches

https://plugins.trac.wordpress.org/changeset/3400599/wpdirectorykit/

Exploits

https://github.com/d0n601/CVE-2025-13390 https://ryankozak.com/posts/cve-2025-13390/ https://github.com/d0n601/CVE-2025-13390

Other References

https://www.wordfence.com/threat-intel/vulnerabilities/id/6598d171-e68c-4d2f-9cd1-f1574fa90433?source=cve

Frequently Asked Questions

What is CVE-2025-13390? +

The WP Directory Kit plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.4.4 due to incorrect implementation of the authentication algorithm in the "wdk_generate_auto_login_link" function. This is due to the feature using a cryptographically weak token generation mechanism. This makes it possible for unauthenticated attackers to gain administrative access and achieve full site takeover via the auto-login endpoint with a predictable token. It has a CVSS v3.1 base score of 10.0 (CRITICAL).

How severe is CVE-2025-13390? +

CVE-2025-13390 has a CVSS v3.1 score of 10.0 out of 10, rated CRITICAL. This is a critical vulnerability that should be patched immediately.

What products are affected by CVE-2025-13390? +

CVE-2025-13390 affects products from wpdirectorykit, specifically: wp_directory_kit. Check the affected products table above for specific version ranges.

How do I check if I'm vulnerable to CVE-2025-13390? +

You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2024-8314

An Incorrect Implementation of Authentication Algorithm and Exposure of Data Element to Wrong Ses-sion vulnerability in the session handling used …

CVE-2025-48994

SignXML is an implementation of the W3C XML Signature standard in Python. When verifying signatures with X509 certificate validation turned …

CVE-2024-4332

An authentication bypass vulnerability has been identified in the REST and SOAP API components of Tripwire Enterprise (TE) 9.1.0 when …

CVE-2025-43856

immich is a high performance self-hosted photo and video management solution. Prior to 1.132.0, immich is vulnerable to account hijacking …

CVE-2025-61783

Python Social Auth is a social authentication/registration mechanism. In versions prior to 5.6.0, upon authentication, the user could be associated …

CVE-2025-12419 9.9

Mattermost versions 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12, 11.0.x <= 11.0.3 fail to properly validate OAuth state …