CVE-2025-69293 - Vulnerability Details

Incorrect Privilege Assignment vulnerability in e-plugins Final User final-user allows Privilege Escalation.This issue affects Final User: from n/a through <= 1.2.5.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
E-plugins	Final User
Wordpress	Wordpress

No data.

References

Link	Providers
https://patchstack.com/database/Wordpress/Plugin/final-user/vulnerability/wordpress-final-user-plugin-1-2-5-privilege-escalation-vulnerability?_s_id=cve

History

Fri, 23 Jan 2026 16:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		E-plugins E-plugins final User Wordpress Wordpress wordpress
Vendors & Products		E-plugins E-plugins final User Wordpress Wordpress wordpress

Thu, 22 Jan 2026 23:00:00 +0000

Type	Values Removed	Values Added
Description		Incorrect Privilege Assignment vulnerability in e-plugins Final User final-user allows Privilege Escalation.This issue affects Final User: from n/a through <= 1.2.5.
Title		WordPress Final User plugin <= 1.2.5 - Privilege Escalation vulnerability
Weaknesses		CWE-266
References		https://patchstack.com/database/Wordpress/Plugin/final-user/vulnerability/wordpress-final-user-plugin-1-2-5-privilege-escalation-vulnerability?_s_id=cve

MITRE

Status: PUBLISHED

Assigner: Patchstack

Published: 2026-01-22T16:52:31.224Z

Updated: 2026-01-22T16:52:31.224Z

Reserved: 2025-12-31T20:11:57.533Z

Link: CVE-2025-69293

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-01-22T17:16:26.487

Modified: 2026-01-22T17:16:26.487

Link: CVE-2025-69293

Redhat

No data.

Metrics

Affected Vendors & Products

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object