PatchSiren cyber security CVE debrief
CVE-2025-6254 AmentoTech CVE debrief
A critical vulnerability was discovered in the Doctreat Core plugin for WordPress, affecting all versions up to and including 1.6.8. This vulnerability allows unauthenticated attackers to register as an administrator user due to the doctreat_process_registration() function not properly restricting the roles that a user can register with.
- Vendor: AmentoTech
- Product: Doctreat Core
- CVSS: CRITICAL 9.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-10
- Original CVE updated: 2026-06-10
- Advisory published: 2026-06-10
- Advisory updated: 2026-06-10
Who should care
Administrators of WordPress sites using the Doctreat Core plugin, and security teams monitoring for potential privilege escalation attacks.
Technical summary
The Doctreat Core plugin for WordPress is vulnerable to privilege escalation, rated CRITICAL with a CVSS score of 9.8. The doctreat_process_registration() function does not properly restrict the roles that a user can register with, so an unauthenticated attacker can register as an administrator user.
Defensive priority
high
Recommended defensive actions
- Update the Doctreat Core plugin to a version later than 1.6.8
- Monitor for suspicious user registration attempts
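One way to act on the monitoring recommendation, as an added example that is not from the advisory or the plugin: it reads a WP-CLI user export and reports administrator accounts that are not on an approved list and were registered on or after a chosen date. The sample export, login names, approved list and cutoff date are all constructed for illustration.

```python
import json
from datetime import datetime

# Constructed sample, in the shape produced by:
#   wp user list --fields=ID,user_login,user_registered,roles --format=json
SAMPLE_EXPORT = """[
 {"ID": 1,  "user_login": "siteowner", "user_registered": "2023-02-11 09:14:02", "roles": "administrator"},
 {"ID": 57, "user_login": "editor01",  "user_registered": "2025-05-30 16:40:51", "roles": "editor"},
 {"ID": 58, "user_login": "newacct01", "user_registered": "2025-06-02 03:27:19", "roles": "administrator"},
 {"ID": 59, "user_login": "reader01",  "user_registered": "2025-06-02 08:05:33", "roles": "subscriber"},
 {"ID": 60, "user_login": "newacct02", "user_registered": "2025-06-03 03:31:44", "roles": "subscriber,administrator"}
]"""


def find_unexpected_admins(export_json, approved_logins, since):
    """Return (ID, login, registered) for administrators that are not in
    approved_logins and were registered on or after `since` (YYYY-MM-DD)."""
    cutoff = datetime.strptime(since, "%Y-%m-%d")
    findings = []
    for user in json.loads(export_json):
        # WP-CLI lists multiple roles as one comma-separated string.
        roles = {r.strip() for r in str(user.get("roles", "")).split(",") if r.strip()}
        if "administrator" not in roles:
            continue
        if user["user_login"] in approved_logins:
            continue
        registered = datetime.strptime(user["user_registered"], "%Y-%m-%d %H:%M:%S")
        if registered >= cutoff:
            findings.append((user["ID"], user["user_login"], user["user_registered"]))
    # Oldest first, so the earliest unexpected account leads the report.
    return sorted(findings, key=lambda f: f[2])


if __name__ == "__main__":
    # Assumed inputs: the approved admin list and the date the plugin went live.
    for uid, login, when in find_unexpected_admins(SAMPLE_EXPORT, {"siteowner"}, "2025-06-01"):
        print(f"REVIEW admin id={uid} login={login} registered={when}")
```

Any account it reports should be checked against the site's change records before it is trusted or removed.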
Evidence notes
Evidence from the NVD and CVE.org
Official resources
CVE-2025-6254 was published on 2026-06-10T10:16:29.827Z and modified on 2026-06-10T18:35:12.690Z.