CVE-2025-13613

Elated · Elated Membership plugin for WordPress

A critical authentication bypass vulnerability has been identified in the Elated Membership plugin for WordPress.

Executive summary

A critical authentication bypass vulnerability has been identified in the Elated Membership plugin for WordPress. This flaw allows an unauthenticated attacker to gain complete administrative control over a website by exploiting a weakness in the social login functionality. Successful exploitation could lead to a full site compromise, data theft, and significant reputational damage.

Vulnerability

The Elated Membership plugin for WordPress contains an authentication bypass vulnerability within its social login feature. The flaw exists because the eltdf_membership_check_facebook_user and eltdf_membership_login_user_from_social_network functions fail to properly validate that a user has successfully authenticated with the social media provider. An unauthenticated attacker can initiate a social login process using the email address of an existing administrative user. The plugin will identify the user account based on the email but will then incorrectly log the attacker into that account without completing the required authentication checks, granting them full administrative privileges.

Business impact

This vulnerability is rated as critical severity with a CVSS score of 9.8. A successful attack would grant an adversary the same privileges as a legitimate administrator, leading to a complete compromise of the WordPress site. Potential consequences include theft of sensitive user data, financial information, and intellectual property; website defacement causing significant reputational harm; and the use of the compromised server to host malware or launch further attacks against the organization's infrastructure and customers.

Remediation

Immediate Action: Update the Elated Membership plugin for WordPress to the latest version provided by the vendor (a version later than 1.2) without delay. After patching, thoroughly review web server and application access logs for unauthorized administrative logins or other suspicious activity that may have occurred before the update.

Proactive Monitoring: Continuously monitor WordPress access logs for unusual login patterns, such as successful administrative logins from unexpected IP addresses or geographical locations. Scrutinize logs for activity related to the social login functions. Implement file integrity monitoring to detect unauthorized changes to core WordPress files, themes, or plugins.
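One way to scrutinize access logs for the pattern this flaw produces, as an added example that is not part of the advisory or the plugin's code: a social-login request that is followed, from the same client within a short window, by requests into the WordPress dashboard. The handler action name `eltdf_facebook_login` and the Apache combined log format are assumptions; the log lines are constructed.

```python
import re
from datetime import datetime, timedelta

# Constructed sample lines in Apache combined log format. The action name
# "eltdf_facebook_login" is an ASSUMED placeholder, not the plugin's real
# handler; point SOCIAL_LOGIN_RE at the handler you actually observe.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Jan/2025:10:00:01 +0000] "GET /wp-admin/admin-ajax.php?action=eltdf_facebook_login HTTP/1.1" 200 512
203.0.113.7 - - [10/Jan/2025:10:00:03 +0000] "GET /wp-admin/ HTTP/1.1" 200 8124
203.0.113.7 - - [10/Jan/2025:10:00:09 +0000] "GET /wp-admin/plugin-install.php HTTP/1.1" 200 9000
198.51.100.2 - - [10/Jan/2025:10:05:00 +0000] "GET /wp-admin/admin-ajax.php?action=eltdf_facebook_login HTTP/1.1" 200 512
198.51.100.2 - - [10/Jan/2025:10:05:02 +0000] "GET /my-account/ HTTP/1.1" 200 3000
192.0.2.9 - - [10/Jan/2025:10:10:00 +0000] "POST /wp-login.php HTTP/1.1" 302 0
192.0.2.9 - - [10/Jan/2025:10:10:01 +0000] "GET /wp-admin/ HTTP/1.1" 200 8124
"""

LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<path>\S+)')
# Requests to the plugin's social-login handler (pattern is an assumption).
SOCIAL_LOGIN_RE = re.compile(r"/admin-ajax\.php\?.*\baction=[^&]*(facebook|social)", re.I)
ADMIN_AREA = "/wp-admin/"
# admin-ajax.php lives under /wp-admin/ but is hit by front-end code too,
# so it must not count as evidence of dashboard access.
AJAX_ENDPOINT = "/wp-admin/admin-ajax.php"


def parse_log(text):
    """Yield {ip, ts, path} for each well-formed access-log line."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield {"ip": m.group("ip"), "path": m.group("path"),
                   "ts": datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")}


def find_suspicious_social_logins(text, window_seconds=300):
    """Flag a social-login request followed, from the same IP within the window,
    by dashboard requests: members rarely reach /wp-admin/, an admin bypass does."""
    events = list(parse_log(text))
    findings = []
    for s in (e for e in events if SOCIAL_LOGIN_RE.search(e["path"])):
        until = s["ts"] + timedelta(seconds=window_seconds)
        admin_paths = [e["path"] for e in events
                       if e["ip"] == s["ip"] and s["ts"] <= e["ts"] <= until
                       and e["path"].startswith(ADMIN_AREA)
                       and not e["path"].startswith(AJAX_ENDPOINT)]
        if admin_paths:
            findings.append({"ip": s["ip"], "login_at": s["ts"].isoformat(),
                             "admin_paths": admin_paths})
    return findings
```

Only the first client is flagged: the second social login never leaves the member area, and the third client used the normal wp-login.php form. Cross-check any finding against the WordPress user table and the provider's own sign-in records before treating it as a confirmed compromise.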

Compensating Controls: If patching is not immediately possible, disable the social login functionality within the Elated Membership plugin settings as a temporary mitigation. Deploy a Web Application Firewall (WAF) with rules to block requests attempting to exploit authentication flaws. Additionally, enforce Multi-Factor Authentication (MFA) on all administrative accounts and restrict access to the WordPress admin portal (/wp-admin) to trusted IP addresses only.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Given the critical CVSS score of 9.8, organizations must treat this vulnerability with the highest priority. The risk of a complete website compromise is severe. We strongly recommend applying the vendor-supplied patch immediately to all affected systems. Although this CVE is not currently on the CISA KEV list, its characteristics make it a prime candidate for future inclusion and widespread exploitation. A post-patch audit of user accounts and site integrity is essential to ensure no prior compromise has occurred.