SpirityCVE

Incorrect Privilege Assignment vulnerability in e-plugins Lawyer Directory lawyer-directory allows Privilege Escalation.This issue affects Lawyer Directory: from n/a through <= 1.3.3.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
E-plugins	Lawyer Directory
Wordpress	Wordpress

No data.

References

Link	Providers
https://www.spirityenterprise.com/virtual-ciso
https://patchstack.com/database/Wordpress/Plugin/lawyer-directory/vulnerability/wordpress-lawyer-directory-plugin-1-3-3-privilege-escalation-vulnerability?_s_id=cve

History

Fri, 23 Jan 2026 16:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		E-plugins E-plugins lawyer Directory Wordpress Wordpress wordpress
Vendors & Products		E-plugins E-plugins lawyer Directory Wordpress Wordpress wordpress

Thu, 22 Jan 2026 23:00:00 +0000

Type	Values Removed	Values Added
Description		Incorrect Privilege Assignment vulnerability in e-plugins Lawyer Directory lawyer-directory allows Privilege Escalation.This issue affects Lawyer Directory: from n/a through <= 1.3.3.
Title		WordPress Lawyer Directory plugin <= 1.3.3 - Privilege Escalation vulnerability
Weaknesses		CWE-266
References		https://patchstack.com/database/Wordpress/Plugin/lawyer-directory/vulnerability/wordpress-lawyer-directory-plugin-1-3-3-privilege-escalation-vulnerability?_s_id=cve

MITRE

Status: PUBLISHED

Assigner: Patchstack

Published: 2026-01-22T16:51:58.463Z

Updated: 2026-01-22T16:51:58.463Z

Reserved: 2025-12-15T10:00:23.852Z

Link: CVE-2025-67966

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-01-22T17:16:06.113

Modified: 2026-01-22T17:16:06.113

Link: CVE-2025-67966

Redhat

No data.

Metrics

Affected Vendors & Products

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object