The Nokri – Job Board WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.6.2. This is due to the plugin not properly checking for an empty token value prior updating their details like password. This makes it possible for unauthenticated attackers to change arbitrary user's password, including administrators, and leverage that to gain access to their account.
The password change mechanism in the theme does not properly verify whether the provided token is empty before updating user data. An attacker can send a password change request with an empty token value, which is accepted by the application as valid. As a result, it is possible to change the password of any account – including administrator accounts – without knowing the original authentication credentials.
The attacker gains full access to the compromised user or administrator account, which can lead to complete takeover of the WordPress site, including content modification, malicious software installation, or data theft.
The Nokri – Job Board theme should be updated to a version higher than 1.6.2. Patches available from the vendor should be applied according to references. Until the update is applied, it is recommended to consider temporarily disabling the password change functionality or restricting access to the site.
Nokri – Job Board WordPress theme in all versions up to and including 1.6.2
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H