CVE-2025-8572 — AI Deep Analysis Summary

🚨 **Essence**: A critical flaw in **Truelysell Core** plugin allows unauthorized role assignment. 📉 **Consequences**: Attackers can create admin-level accounts without permission, leading to full site takeover.

🛡️ **Root Cause**: **CWE-269** (Improper Privilege Management). The plugin fails to validate the `user_role` parameter during user registration. 🐛 **Flaw**: Weak input sanitization allows privilege escalation.

📦 **Affected**: **Truelysell Core** plugin version **1.8.7 and earlier**. 🏢 **Vendor**: Dreamstechnologies. 🌐 **Platform**: WordPress sites using this specific booking theme/plugin.

💀 **Attacker Action**: Create new user accounts with **elevated privileges** (e.g., Admin). 🔓 **Impact**: Full control over the WordPress site, data theft, and malicious code injection.

🔓 **Threshold**: **LOW**. CVSS indicates **No Auth** (PR:N) required. 🌍 **Access**: Network accessible (AV:N), Low complexity (AC:L). Anyone can exploit this remotely.

💻 **Exploit**: Yes, public PoC available. 🔗 **Link**: [GitHub PoC](https://github.com/richardpaimu34/CVE-2025-8572). ⚠️ **Status**: Wild exploitation risk is high due to simple vector.

🔍 **Check**: Scan for **Truelysell Core** plugin version ≤ 1.8.7. 📝 **Feature**: Look for user registration endpoints accepting `user_role` parameters without server-side validation.

🛠️ **Fix**: Update **Truelysell Core** to the latest version immediately. 📢 **Source**: Check vendor (Dreamstechnologies) or WordPress repository for patched releases.

🚧 **Workaround**: If patching is delayed, **disable public registration** or restrict user roles via server-side rules. 🛑 Block access to registration endpoints if possible.

🔥 **Priority**: **CRITICAL**. CVSS Score is High (likely 9.8+). 🚀 **Action**: Patch immediately. This is a remote, unauthenticated privilege escalation. Do not wait.