CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-12876

Medium Severity
SVRS
30/100
CVSSv3
NA/10
EPSS
0.0007/1

CVE-2024-12876 is a critical vulnerability in the Golo - City Travel Guide WordPress Theme that allows for privilege escalation and account takeover. This flaw exists due to improper validation of user identity when updating passwords, affecting versions up to 1.6.10. An unauthenticated attacker can exploit this to change passwords of any user, including administrators, gaining unauthorized access. While the CVSS score is 0, the SOCRadar Vulnerability Risk Score (SVRS) is 30 indicating a moderate risk level. The presence of the "In The Wild" tag suggests active exploitation may be occurring. Organizations using this theme should immediately update to the latest version. Failing to patch this vulnerability could lead to significant data breaches and compromise of the entire WordPress site. The lack of proper authentication checks makes this a particularly dangerous flaw for any website running the affected theme.

TAGS
In The Wild
VECTOR STRING
PUBLICATION DATE2025-03-07
LAST MODIFIED2025-03-13
Eye Icon
SOCRadar
AI Insight

Description

CVE-2024-12876 is a critical privilege escalation vulnerability affecting the Golo - City Travel Guide WordPress Theme (versions up to 1.6.10). It allows unauthenticated attackers to take over any user account, including administrators, by exploiting a flaw in the password reset process. The plugin fails to properly validate a user's identity before allowing a password change, making it trivial for attackers to reset passwords and gain unauthorized access. The SOCRadar Vulnerability Risk Score (SVRS) of 42 indicates a moderate risk.

Key Insights

  • Account Takeover Potential: The vulnerability's primary threat is the complete compromise of WordPress administrator accounts. This grants attackers full control over the affected website, enabling them to inject malicious code, deface the site, steal sensitive data, or use the site for other malicious purposes.
  • Unauthenticated Exploitation: No authentication is required to exploit this vulnerability, meaning anyone can initiate the password reset process and potentially take over an account. This makes it exceptionally easy to exploit.
  • Widespread Impact: Given the popularity of WordPress and the potential use of this theme across numerous sites, the vulnerability has the potential for widespread impact.

Mitigation Strategies

  1. Immediate Update/Removal: The highest priority action is to immediately update the Golo - City Travel Guide WordPress Theme to a patched version that addresses the vulnerability. If an update is not available, consider removing the theme entirely and switching to a secure alternative.
  2. Password Reset: Immediately reset the passwords for all WordPress administrator accounts on any sites using the Golo theme. Force users to set a new, strong password upon next login.
  3. Security Audit: Conduct a thorough security audit of the WordPress installation to identify any other potential vulnerabilities or signs of compromise. Check plugin versions and core WordPress files for integrity.

Additional Information

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

CVE-2024-12876 | uxper Golo Plugin up to 1.6.10 on WordPress authorization
vuldb.com2025-03-07
CVE-2024-12876 | uxper Golo Plugin up to 1.6.10 on WordPress authorization | A vulnerability was found in uxper Golo Plugin up to 1.6.10 on WordPress and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to missing authorization. This vulnerability is handled as CVE-2024-12876. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component
vuldb.com
rss
forum
news

Social Media

CVE-2024-12876 The Golo - City Travel Guide WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.6.… https://t.co/R6WshAkoBR
0
0
0
[CVE-2024-12876: CRITICAL] Vulnerability alert: Golo - City Travel Guide WordPress Theme in versions up to 1.6.10 allows unauthenticated attackers to change user passwords, risking account takeover. Update now!#cybersecurity,#vulnerability https://t.co/xfD3lyreqA https://t.co/5tsE0CeFaX
0
0
0

Affected Software

No affected software found for this CVE

References

ReferenceLink
[email protected]https://themeforest.net/item/golo-directory-listing-travel-wordpress-theme/25397810
[email protected]https://www.wordfence.com/threat-intel/vulnerabilities/id/e6cb81e5-61a4-4b67-a668-d8a7d46b2cea?source=cve

CWE Details

CWE IDCWE NameDescription
CWE-862Missing AuthorizationThe software does not perform an authorization check when an actor attempts to access a resource or perform an action.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence