CVE-2025-1313

Nokri · Nokri - Job Board WordPress Theme

A high-severity vulnerability has been identified in the Nokri - Job Board WordPress Theme, allowing for privilege escalation.

Executive summary

The Nokri - Job Board WordPress Theme contains a high-severity privilege escalation vulnerability. An attacker could exploit this flaw to take over existing user accounts, including administrator accounts, gaining full control over the affected website. This could lead to website defacement, theft of sensitive user data, or the distribution of malware to visitors.

Vulnerability

The vulnerability exists within the Nokri - Job Board WordPress Theme and allows an unauthenticated or low-privileged attacker to perform an account takeover. Flaws of this kind typically stem from missing authorization checks on a function that modifies user data, such as updating a profile's email address or resetting a password. An attacker could exploit this to change the credentials of a high-privileged user, like an administrator, locking the legitimate owner out and gaining complete control of both the account and the WordPress site.

Business impact

This vulnerability presents a significant risk to the organization, reflected by its High severity rating with a CVSS score of 8.8. Successful exploitation would grant an attacker administrative control over the website, leading to severe consequences. These include the potential for theft and public exposure of sensitive data from the job board (e.g., resumes, PII of applicants and employers), reputational damage from website defacement, and financial loss if the site is used for e-commerce or lead generation. The compromised site could also be used to host malware or launch further attacks against visitors or the internal network.

Remediation

Immediate Action: Update the "Nokri - Job Board WordPress Theme" to the latest patched version provided by the vendor. If a patch is not yet available, or the theme is no longer supported, disable and uninstall it immediately. After remediation, review all administrator-level user accounts for unauthorized changes to email addresses or passwords.

Proactive Monitoring: Monitor web server and application logs for suspicious activity targeting user profile pages or password reset functionality. Look for unexpected POST requests to user management endpoints, particularly from unknown IP addresses. Implement alerts for any changes to administrative account credentials or the creation of new, unauthorized admin accounts.
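As an added example (not part of the advisory), the following Python filter applies the monitoring check above to constructed access-log lines in combined log format: it flags POST requests to standard WordPress user-management and password-reset endpoints that originate outside an assumed trusted network range. The endpoint paths are core WordPress ones; the sample log lines and the 10.0.0.0/8 trusted range are assumptions.

```python
import re
from ipaddress import ip_address, ip_network
from urllib.parse import urlsplit, parse_qs

# Constructed sample web server access log (combined log format); not taken from the advisory.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2025:10:01:02 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.20 - - [10/Mar/2025:10:02:15 +0000] "POST /wp-admin/profile.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
10.0.0.5 - - [10/Mar/2025:10:03:40 +0000] "POST /wp-admin/user-edit.php?user_id=1 HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Mar/2025:10:04:01 +0000] "GET /jobs/ HTTP/1.1" 200 8120 "-" "Mozilla/5.0"
203.0.113.9 - - [10/Mar/2025:10:05:11 +0000] "POST /wp-login.php?action=lostpassword HTTP/1.1" 302 0 "-" "curl/8.4.0"
203.0.113.9 - - [10/Mar/2025:10:05:30 +0000] "POST /wp-login.php HTTP/1.1" 200 3000 "-" "curl/8.4.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Core WordPress endpoints through which profile data is changed or passwords are reset.
# Theme-specific AJAX handlers are dispatched via admin-ajax.php, so POSTs there are included.
USER_MGMT_PATHS = ("/wp-admin/profile.php", "/wp-admin/user-edit.php", "/wp-admin/users.php",
                   "/wp-admin/admin-ajax.php", "/wp-json/wp/v2/users")
# wp-login.php actions that belong to the password-reset flow (a plain login POST is not flagged).
RESET_ACTIONS = {"lostpassword", "retrievepassword", "resetpass", "rp"}

TRUSTED_NETS = ["10.0.0.0/8"]  # assumed office/VPN range; adjust for the site being monitored

def is_user_management(target):
    """True if a POST to this request target touches user data or the password-reset flow."""
    parts = urlsplit(target)
    if parts.path.startswith(USER_MGMT_PATHS):
        return True
    if parts.path == "/wp-login.php":
        action = parse_qs(parts.query).get("action", [""])[0]
        return action in RESET_ACTIONS
    return False

def flag_suspicious_posts(log_text, trusted_nets=TRUSTED_NETS):
    """Return (ip, target, status) for POSTs to user-management endpoints from untrusted sources."""
    nets = [ip_network(n) for n in trusted_nets]
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST" or not is_user_management(m["target"]):
            continue
        if any(ip_address(m["ip"]) in net for net in nets):
            continue  # trusted administrative network, not alerted on
        hits.append((m["ip"], m["target"], int(m["status"])))
    return hits

if __name__ == "__main__":
    for hit in flag_suspicious_posts(SAMPLE_LOG):
        print("ALERT untrusted POST to user-management endpoint:", hit)
```

On the sample log this yields three alerts (the admin-ajax.php and profile.php POSTs and the lostpassword request); the user-edit.php POST from 10.0.0.5 is suppressed as trusted and the plain login POST is not flagged.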

Compensating Controls: If patching cannot be performed immediately, implement a Web Application Firewall (WAF) with rules designed to block malicious requests against known vulnerable endpoints. Enforce mandatory Multi-Factor Authentication (MFA) for all users, especially administrators, to prevent unauthorized access even if credentials are compromised. Restrict access to the WordPress admin portal (/wp-admin/) to trusted IP addresses only.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Given the high severity (CVSS 8.8) of this vulnerability and its potential for complete system compromise, immediate action is required. We strongly recommend that all instances of the "Nokri - Job Board WordPress Theme" be identified and patched without delay. While this CVE is not currently on the CISA KEV list, its critical impact warrants treating it with the same level of urgency as a known exploited vulnerability. If the theme cannot be updated, it must be disabled and replaced to mitigate the risk.