WP SmartPay WordPress Plugin Privilege Escalation Vulnerability Allowing Account Takeover

Vulnerability

A privilege escalation vulnerability allowing account takeover has been identified in the WP SmartPay WordPress plugin, specifically in versions 1.1.0 to 2.7.13. The issue arises because the plugin fails to properly validate a user's identity before updating email addresses through the 'update' function. This flaw enables authenticated attackers with Subscriber-level access or higher to change the email addresses of any user, including administrators. By doing so, they can reset the user's password and gain access to their account.

Impact

Exploitation of this vulnerability could lead to unauthorized access to user accounts, including those of administrators, allowing attackers to manipulate account settings and potentially access sensitive information or functionalities.

Added: Jul 2, 2025, 4:55 AM

Updated: Jul 2, 2025, 4:55 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

5.9

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

5.9

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

WP SmartPay WordPress Plugin Privilege Escalation Vulnerability Allowing Account Takeover

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating