Videospirecore Theme Plugin Privilege Escalation Vulnerability via Account Takeover
Vulnerability
A privilege escalation vulnerability allowing account takeover has been identified in the Videospirecore Theme Plugin for WordPress, affecting all versions through 1.0.6. The vulnerability arises because the plugin fails to properly validate a user's identity before allowing changes to user details such as email addresses. This flaw enables authenticated attackers with Subscriber-level access or higher to modify the email addresses of any users, including administrators. Once the email address is changed, the attacker can reset the user's password and gain access to their account.
Impact
Exploitation of this vulnerability allows for unauthorized changes to user email addresses, facilitating password resets and unauthorized access to user accounts, including those of administrators.
Remediation
Users can update to Videospirecore Theme Plugin version 1.0.7, which addresses the privilege escalation vulnerability by adding proper nonce verification to all AJAX and form submissions.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.