CVE-2025-1570: 
WordPress vulnerability analysis and mitigation

The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress contains a critical privilege escalation vulnerability (CVE-2025-1570) affecting all versions up to and including 8.1. The vulnerability was discovered and reported by Wordfence, with the initial disclosure on February 28, 2025 (NVD CVE).

The vulnerability stems from insufficient controls in the directoristgeneratepasswordresetpincode() and resetuser_password() functions. These functions lack proper security measures to prevent successful brute force attacks on the OTP used for password changes, and they fail to verify if password reset requests originate from authorized users. The vulnerability has received a CVSS v3.1 base score of 9.8 (CRITICAL) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating its severe nature (NVD CVE).

The vulnerability allows unauthenticated attackers to generate and brute force an OTP, enabling them to change any user's password, including administrator accounts. This can lead to complete account takeover and unauthorized administrative access to WordPress installations running the vulnerable plugin (NVD CVE).

Users should immediately update their Directorist plugin to version 8.2 or later, which contains the security fix for this vulnerability. The fix was implemented through a patch that can be found in the WordPress plugin repository (WordPress Plugin).