Two critical security vulnerabilities [2] [3], CVE-2024-22303 and CVE-2024-21743 [1], were recently discovered in the Houzez WordPress theme and its Login Register plugin by security researchers [2].
Description
These flaws, now patched in version 3.3.0 or higher [3], could allow unauthorized users to escalate their privileges and potentially compromise entire WordPress sites [2] [3] [4]. The primary issue was an unauthenticated privilege escalation vulnerability within the Houzez theme [2] [3], allowing unauthenticated users to gain elevated privileges through specific HTTP requests [2]. This vulnerability stemmed from inadequate authorization checks in the code processing user input [2], specifically in the function responsible for password resets [2]. Additionally, the Houzez Login Register plugin exhibited weaknesses [2], allowing unauthenticated users to modify email addresses associated with any user account [2], potentially leading to account takeovers [2]. To address these vulnerabilities [2] [3], the vendor has released updates for both the Houzez theme and the Login Register plugin [2], which include enhanced role checks and the removal of the vulnerable function from the plugin [2].
Conclusion
These security vulnerabilities pose a significant risk to WordPress sites using the affected theme and plugin. It is crucial for users to update to version 3.3.0 or higher to protect their sites from potential attacks. Moving forward, developers should prioritize robust authorization checks and regularly update their themes and plugins to prevent similar vulnerabilities from being exploited in the future.
References
[1] https://techkranti.com/23-sep-24-in-security-news-today/
[2] https://www.infosecurity-magazine.com/news/vulnerabilities-found-houzez-theme/
[3] https://securityonline.info/wordpress-theme-houzez-and-associated-plugin-vulnerabilities-expose-thousands-of-sites/
[4] https://patchstack.com/articles/privilege-escalation-vulnerability-patched-in-houzez-theme/