CVE-2026-12073

metagauss · ProfileGrid – User Profiles, Groups and Communities

The ProfileGrid WordPress plugin is vulnerable to unauthenticated account takeover due to improper validation of registration parameters, allowing attackers to hijack administrator accounts.

Executive summary

An unauthenticated privilege escalation vulnerability in the ProfileGrid WordPress plugin allows remote attackers to hijack the administrator account via email address modification.

Vulnerability

The plugin fails to correctly validate the user_login parameter during registration, which lets an unauthenticated attacker change the email address stored on the primary administrator account (ID=1) without any credentials. Once that address points at a mailbox the attacker controls, an ordinary WordPress password reset delivers the reset link to the attacker, who sets a new password and signs in with full administrator privileges.

Business impact

This vulnerability allows a complete compromise of the WordPress site from an unauthenticated position. Consistent with its CVSS score of 9.8, the business impact is total loss of site control: theft of stored data, injection of malicious code into pages and themes, persistence through additional administrator accounts, and the resulting reputational damage and search-engine or browser blacklisting.

Remediation

Immediate Action: Update the ProfileGrid plugin to the latest available version released by metagauss that addresses this registration logic flaw.

Proactive Monitoring: WordPress core keeps no audit log, so compare the email address of the primary administrator account (ID=1) and of every other administrator against a known-good record, check for unexpected password-reset requests for those accounts, and review users registered during the exposure window. If an administrator email was altered, treat the account as compromised: reset its password from a trusted session and rotate any secrets the site stores.

Compensating Controls: If an immediate update is not feasible, disable user registration on the site as a temporary measure (Settings > General, "Anyone can register"). Confirm that the plugin's own registration forms are disabled or removed as well, since a plugin-provided form does not necessarily honour the core setting.
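The monitoring and compensating-control checks above, worked as an added example that is not part of this advisory or of the plugin's code. The script runs over constructed rows shaped like the WordPress core tables wp_users, wp_usermeta and wp_options (in a real check they would come from `wp user list --format=json`, `wp user meta get <ID> wp_capabilities`, `wp option get users_can_register`, or a read-only SQL query), and the baseline of known-good administrator emails, the table prefix `wp_` and the 30-day window are assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample rows mimicking wp_users, wp_usermeta and wp_options.
# The ID=1 account's email no longer matches the baseline, user 42 is a
# recently registered administrator, and open registration is still on.
WP_USERS = [
    {"ID": 1, "user_login": "admin", "user_email": "wp-recovery@mail.example",
     "user_registered": "2021-03-04 10:00:00"},
    {"ID": 7, "user_login": "alice", "user_email": "alice@example.com",
     "user_registered": "2023-05-01 12:00:00"},
    {"ID": 42, "user_login": "support", "user_email": "support@mail.example",
     "user_registered": "2026-02-20 03:14:00"},
]
WP_USERMETA = [
    {"user_id": 1, "meta_key": "wp_capabilities",
     "meta_value": 'a:1:{s:13:"administrator";b:1;}'},
    {"user_id": 7, "meta_key": "wp_capabilities",
     "meta_value": 'a:1:{s:10:"subscriber";b:1;}'},
    {"user_id": 42, "meta_key": "wp_capabilities",
     "meta_value": 'a:1:{s:13:"administrator";b:1;}'},
]
WP_OPTIONS = {"users_can_register": "1"}

# Assumed baseline: administrator emails recorded before the exposure window.
BASELINE_ADMIN_EMAILS = {1: "owner@example.com"}

# Role names inside a PHP-serialized wp_capabilities value: s:<len>:"<role>";b:1;
CAP_RE = re.compile(r's:\d+:"([^"]+)";b:1;')


def roles_from_capabilities(serialized):
    """Return the set of role names granted by a serialized capabilities value."""
    return set(CAP_RE.findall(serialized))


def administrator_ids(usermeta, table_prefix="wp_"):
    """IDs of users whose capabilities meta grants the administrator role."""
    key = table_prefix + "capabilities"
    return {row["user_id"] for row in usermeta
            if row["meta_key"] == key
            and "administrator" in roles_from_capabilities(row["meta_value"])}


def audit_admin_accounts(users, usermeta, options, baseline, now, window_days=30):
    """Flag changed administrator emails, new administrators and open registration."""
    admins = administrator_ids(usermeta)
    by_id = {u["ID"]: u for u in users}
    cutoff = now - timedelta(days=window_days)
    findings = {"email_changed": [], "new_admins": [], "open_registration": False}

    # 1. Any administrator email that drifted from the known-good record.
    for uid, expected in baseline.items():
        actual = by_id.get(uid, {}).get("user_email")
        if actual != expected:
            findings["email_changed"].append((uid, expected, actual))

    # 2. Administrator accounts created inside the window and absent from the baseline.
    for uid in sorted(admins):
        registered = datetime.strptime(by_id[uid]["user_registered"], "%Y-%m-%d %H:%M:%S")
        if uid not in baseline and registered >= cutoff:
            findings["new_admins"].append(uid)

    # 3. The compensating control: open registration must be off until the update lands.
    findings["open_registration"] = str(options.get("users_can_register", "0")) == "1"
    return findings


def run_sample_audit():
    """Run the audit over the constructed rows with a fixed reference date."""
    return audit_admin_accounts(WP_USERS, WP_USERMETA, WP_OPTIONS,
                                BASELINE_ADMIN_EMAILS, now=datetime(2026, 3, 1))


if __name__ == "__main__":
    result = run_sample_audit()
    for uid, expected, actual in result["email_changed"]:
        print(f"ALERT: user {uid} email changed from {expected} to {actual}; treat as compromised")
    for uid in result["new_admins"]:
        print(f"REVIEW: administrator account {uid} registered within the window")
    if result["open_registration"]:
        print("ACTION: users_can_register is enabled; disable it until the plugin is updated")
```

Run it against live data by replacing the constructed rows with the output of the WP-CLI commands named in the lead-in; a non-empty `email_changed` list for ID=1 is the indicator this advisory describes, and the account should be recovered from a trusted session rather than through the (now attacker-facing) password-reset flow.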

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

Site administrators must treat this as a critical priority. Update the plugin immediately to prevent complete site takeover, and verify that no administrator email address was altered before the update was applied.