CVE-2025-5482
WordPress · Sunshine Photo Cart Plugin
The Sunshine Photo Cart WordPress plugin is vulnerable to account takeover via improper validation of user-supplied keys in the password reset functionality.
Executive summary
An authenticated privilege escalation vulnerability in the Sunshine Photo Cart plugin allows attackers to hijack administrator accounts, posing a severe risk to site integrity.
Vulnerability
This vulnerability stems from improper validation of user-supplied keys within the password reset process. Authenticated attackers with Subscriber-level access or higher can exploit this to reset the passwords of arbitrary users, including site administrators, and subsequently gain full account access.
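The following is an added illustrative example of the validation a WordPress reset handler must perform; it is not code from the Sunshine Photo Cart plugin, and the AJAX action name, form field names and the audit hook are assumptions. The key point is that the account being reset is selected by the reset key itself, via core's check_password_reset_key(), never by a user identifier the client supplies.

```php
<?php
// Added illustrative example, not code from the Sunshine Photo Cart plugin.
// Hardened "set new password" step for a WordPress plugin. Assumed: the form
// posts `login`, `key`, `nonce`, `pass1` and `pass2` to the hypothetical AJAX
// action `example_reset_password`.

add_action( 'wp_ajax_example_reset_password', 'example_handle_reset_password' );
add_action( 'wp_ajax_nopriv_example_reset_password', 'example_handle_reset_password' );

function example_handle_reset_password() {
    // 1. CSRF: the request must carry a nonce minted for this exact action.
    $nonce = isset( $_POST['nonce'] ) ? sanitize_text_field( wp_unslash( $_POST['nonce'] ) ) : '';
    if ( ! wp_verify_nonce( $nonce, 'example_reset_password' ) ) {
        wp_send_json_error( array( 'message' => 'Invalid request.' ), 403 );
    }

    $login = isset( $_POST['login'] ) ? sanitize_user( wp_unslash( $_POST['login'] ) ) : '';
    $key   = isset( $_POST['key'] ) ? sanitize_text_field( wp_unslash( $_POST['key'] ) ) : '';

    // 2. Key validation. Do not select the target account from a client-supplied
    //    user id or email. check_password_reset_key() binds the key to the login
    //    it was issued for, compares it against the stored hash, enforces expiry
    //    and returns WP_Error on any mismatch. Reaching reset_password() without
    //    this check is the bug class that lets a low-privileged user reset an
    //    administrator's password.
    $user = check_password_reset_key( $key, $login );
    if ( is_wp_error( $user ) ) {
        wp_send_json_error( array( 'message' => 'Reset link is invalid or expired.' ), 403 );
    }

    // 3. Basic password checks before touching the account.
    $pass1 = isset( $_POST['pass1'] ) ? (string) wp_unslash( $_POST['pass1'] ) : '';
    $pass2 = isset( $_POST['pass2'] ) ? (string) wp_unslash( $_POST['pass2'] ) : '';
    if ( '' === $pass1 || $pass1 !== $pass2 ) {
        wp_send_json_error( array( 'message' => 'Passwords do not match.' ), 400 );
    }

    // 4. Apply the change and emit an audit event (hypothetical hook) so the
    //    monitoring described under Remediation has something to alert on.
    reset_password( $user, $pass1 );
    do_action( 'example_password_was_reset', $user->ID, get_current_user_id() );
    wp_send_json_success( array( 'message' => 'Password updated.' ) );
}
```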
Business impact
Successful exploitation allows an attacker to gain administrative control over the WordPress site, leading to potential data theft, unauthorized content modification, or total system compromise. With a CVSS score of 8.8, this high-severity flaw represents a significant threat to organizational security and operational continuity.
Remediation
Immediate Action: Update the Sunshine Photo Cart plugin to the latest version as specified by the vendor advisory.
Proactive Monitoring: Review user account logs for suspicious password reset requests or unauthorized privilege changes, particularly those involving administrative accounts.
Compensating Controls: Implement strict access control lists and restrict administrative access to known, secure IP ranges where possible to limit the potential impact of hijacked accounts.
Exploitation status
Public Exploit Available: false
Analyst recommendation
The ability for a low-privileged user to escalate to administrator status renders this vulnerability critical. Administrators should verify their current version of the Sunshine Photo Cart plugin and apply the vendor-provided patch immediately to prevent account takeover.