Privilege Escalation Issue in Hospital Doctor Directory Plugin by e-plugins
CVE-2025-69183

8.8HIGH

Key Information:

Vendor: WordPress
Status: Hospital Doctor Directory
Vendor: CVE Published:; 22 January 2026

What is CVE-2025-69183?

A privilege escalation vulnerability has been identified in the Hospital Doctor Directory plugin developed by e-plugins. This flaw allows attackers to exploit improper privilege assignment mechanisms, potentially enabling unauthorized users to gain higher access privileges. Current versions up to and including 1.3.9 are impacted, posing a significant risk to the integrity of the application and user data. Users are advised to update to the latest patched version to mitigate this security concern. For more information, visit the Patchstack database.

Affected Version(s)

Hospital Doctor Directory 0 <= 1.3.9

References

https://patchstack.com/database/Wordpress/Plugin/hospital...

vdb-entry

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 22, 2026
Vulnerability Reserved
Dec 29, 2025

Credit

Phat RiO | Patchstack Bug Bounty Program

CVE-2025-69183 Data

JSON

WordPress

What is CVE-2025-69183?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit