Privilege Escalation

An attack where a user gains higher access privileges than intended, such as a subscriber becoming an administrator.

How it works

An attack where a user gains higher access privileges than intended, such as a subscriber becoming an administrator.

Often caused by missing capability checks in WordPress admin AJAX handlers or REST API endpoints.

WP HealthKit checks for Privilege Escalation-related vulnerabilities automatically

What Is Privilege Escalation? — WordPress Security Glossary | WP HealthKit