Streamit WordPress Theme Privilege Escalation Vulnerability via Account Takeover
Vulnerability
A privilege escalation vulnerability allowing account takeover has been identified in the Streamit theme for WordPress, affecting all versions through 4.0.2. The issue arises because the theme's authentication controller does not properly validate a user's identity before allowing changes to profile details, such as email addresses. This flaw enables unauthenticated attackers to modify email addresses of any user, including administrators. Once an email address is changed, the attacker can reset the user's password and gain access to their account.
Impact
Exploitation of this vulnerability allows for unauthorized changes to user email addresses, including those of administrators. This can be leveraged to reset passwords and gain access to user accounts, effectively bypassing normal authentication controls.
Remediation
Users are advised to update the Streamit WordPress theme to version 4.0.3 or a newer patched version.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.