LazyTasks WordPress Plugin Privilege Escalation Vulnerability
Vulnerability
A privilege escalation vulnerability allowing account takeover has been identified in the LazyTasks WordPress plugin, specifically in versions through 1.2.29. The issue arises because the plugin's REST API endpoint for editing user roles does not properly authenticate users before allowing changes to be made. This flaw enables unauthenticated attackers to alter the email addresses of any user, including administrators. Once an email address is changed, the attacker can reset the user's password and gain access to their account. Additionally, this vulnerability could be exploited to assign extra roles to users within the plugin.
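The defect described above is a REST route whose handler modifies user accounts without first confirming who is calling it. As an added illustration (not the LazyTasks plugin's code; the route namespace, route paths and function names are hypothetical), the following contrasts a WordPress REST route registered with a permissive `permission_callback` against one whose `permission_callback` enforces login and the appropriate capability before the handler is ever reached:

```php
<?php
// Added example, not code from the LazyTasks plugin. Route names and
// function names below are hypothetical placeholders.

// WEAK PATTERN: '__return_true' as the permission_callback silences the
// "missing permission_callback" notice but lets any request, including an
// unauthenticated one, reach the handler that rewrites the account.
add_action( 'rest_api_init', function () {
    register_rest_route( 'example-tasks/v1', '/user/(?P<id>\d+)', array(
        'methods'             => 'POST',
        'callback'            => 'example_tasks_update_user_unsafe',
        'permission_callback' => '__return_true', // no auth, no capability check
    ) );
} );

function example_tasks_update_user_unsafe( WP_REST_Request $request ) {
    $user_id = (int) $request['id'];
    // Email and role are taken from the request and applied to ANY user id.
    wp_update_user( array( 'ID' => $user_id, 'user_email' => $request['email'] ) );
    if ( ! empty( $request['role'] ) ) {
        $user = get_user_by( 'id', $user_id );
        if ( $user ) {
            $user->add_role( $request['role'] );
        }
    }
    return rest_ensure_response( array( 'updated' => $user_id ) );
}

// HARDENED PATTERN: WordPress evaluates permission_callback before the
// handler, so unauthenticated or under-privileged callers get a 401/403
// and never reach the code that edits the account.
add_action( 'rest_api_init', function () {
    register_rest_route( 'example-tasks/v1', '/user/(?P<id>\d+)/secure', array(
        'methods'             => 'POST',
        'callback'            => 'example_tasks_update_user_secure',
        'permission_callback' => 'example_tasks_can_edit_target_user',
        'args'                => array(
            'id'    => array(
                'required'          => true,
                'validate_callback' => function ( $v ) { return is_numeric( $v ) && (int) $v > 0; },
                'sanitize_callback' => 'absint',
            ),
            'email' => array(
                'validate_callback' => 'is_email',        // false on malformed input
                'sanitize_callback' => 'sanitize_email',
            ),
            'role'  => array(
                // Only roles that actually exist on this site are accepted.
                'validate_callback' => function ( $v ) { return array_key_exists( $v, wp_roles()->roles ); },
                'sanitize_callback' => 'sanitize_key',
            ),
        ),
    ) );
} );

function example_tasks_can_edit_target_user( WP_REST_Request $request ) {
    // Cookie-authenticated REST calls are only "logged in" when a valid
    // X-WP-Nonce accompanied the request; otherwise this check fails.
    if ( ! is_user_logged_in() ) {
        return new WP_Error( 'rest_not_logged_in', 'Authentication required.', array( 'status' => 401 ) );
    }
    $target = (int) $request['id'];
    // edit_user is a per-target meta capability: users may edit themselves,
    // editing someone else requires the edit_users capability.
    if ( ! current_user_can( 'edit_user', $target ) ) {
        return new WP_Error( 'rest_forbidden', 'You may not edit this user.', array( 'status' => 403 ) );
    }
    // Changing roles is a separate, higher-privilege action.
    if ( ! empty( $request['role'] ) && ! current_user_can( 'promote_user', $target ) ) {
        return new WP_Error( 'rest_forbidden', 'You may not change roles.', array( 'status' => 403 ) );
    }
    return true;
}

function example_tasks_update_user_secure( WP_REST_Request $request ) {
    $user_id = (int) $request['id'];
    $user    = get_user_by( 'id', $user_id );
    if ( ! $user ) {
        return new WP_Error( 'rest_user_not_found', 'No such user.', array( 'status' => 404 ) );
    }
    if ( ! empty( $request['email'] ) ) {
        $result = wp_update_user( array( 'ID' => $user_id, 'user_email' => $request['email'] ) );
        if ( is_wp_error( $result ) ) {
            return $result;
        }
    }
    if ( ! empty( $request['role'] ) ) {
        $user->add_role( $request['role'] );
    }
    return rest_ensure_response( array( 'updated' => $user_id ) );
}
```

When reviewing a plugin for this class of flaw, grep every `register_rest_route` call for a `permission_callback` that is missing, set to `__return_true`, or that only checks `is_user_logged_in()` without a capability tied to the target user; any route that writes to user accounts or roles should fail closed with a `WP_Error` carrying a 401 or 403 status, as above.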
Impact
Exploitation of this vulnerability could lead to unauthorized access to user accounts, including those of administrators, allowing attackers to impersonate these users and potentially misuse their privileges.
Remediation
No known patch is available. Users are advised to review the vulnerability details and consider uninstalling the affected plugin.
