WordPress PrivEsc

Exploit

WordPress Plugin User Role Editor < 4.25 - Privilege EscalationExploit Database

How to Escalate Privileges

Login as a normal user

Go to Profile

Update Profile

Intercept with BURP

Add the following to the REQUEST

&ure_other_roles=administrator&

Example below:

Results