CVE-2026-48889
TMS · Amelia Plugin
The TMS Amelia Plugin for WordPress contains an incorrect privilege assignment vulnerability that allows subscribers to escalate their privileges.
Executive summary
A critical privilege escalation vulnerability in the TMS Amelia plugin for WordPress enables subscriber-level users to gain administrative access to the system.
Vulnerability
This vulnerability (CWE-266) involves an incorrect privilege assignment, allowing a user with subscriber-level access to escalate their privileges within the Amelia booking system. The vulnerability is known to be easily exploitable.
Business impact
The CVSS score of 8.8 highlights the high severity of this issue. An attacker with subscriber access can leverage this flaw to gain administrative rights, effectively taking over the WordPress instance. This could result in unauthorized booking data access, site defacement, or the compromise of sensitive customer information stored within the plugin.
Remediation
Immediate Action: Update the TMS Amelia plugin to version 2.4 or higher without delay.
Proactive Monitoring: Audit recent user activity for any accounts that may have performed administrative functions while assigned a subscriber role.
Compensating Controls: Until the plugin is patched, limit access to the booking portal or disable user registration so that no new subscriber-level accounts can be created.
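As an added illustration of the Proactive Monitoring step (example code written for this page, not part of the advisory or the plugin), the following script checks an export of WordPress user rows for accounts holding the administrator role that are not on a known-admin list, or that were registered after a chosen cutoff. The row shape and the sample accounts are constructed; the role values use the PHP-serialized format WordPress stores in the wp_capabilities user meta.

```python
import re

# Constructed sample rows, shaped like a join of wp_users and wp_usermeta:
# (ID, user_login, user_registered, wp_capabilities meta_value).
SAMPLE_ROWS = [
    (1, "siteowner", "2024-01-10 09:00:00", 'a:1:{s:13:"administrator";b:1;}'),
    (7, "alice", "2025-11-02 14:20:00", 'a:1:{s:10:"subscriber";b:1;}'),
    (9, "bob", "2025-12-01 08:05:00",
     'a:2:{s:10:"subscriber";b:1;s:13:"administrator";b:1;}'),
]

# Matches entries of the form s:<len>:"<role>";b:1; inside the serialized array,
# i.e. role names that are set to true.
_ROLE_RE = re.compile(r's:\d+:"([^"]+)";b:1;')


def roles_from_capabilities(meta_value):
    """Return the set of role names enabled in a serialized wp_capabilities value."""
    return set(_ROLE_RE.findall(meta_value))


def find_unexpected_admins(rows, expected_admins, not_before=None):
    """Return administrator accounts that should be reviewed.

    expected_admins: logins of accounts that are known to hold the administrator role.
    not_before: optional 'YYYY-MM-DD HH:MM:SS' cutoff (e.g. when the vulnerable plugin
    version was installed); known admins registered after it are also flagged.
    WordPress stores user_registered in that fixed-width format, so a plain string
    comparison orders dates correctly.
    """
    findings = []
    for uid, login, registered, caps in rows:
        roles = roles_from_capabilities(caps)
        if "administrator" not in roles:
            continue
        reason = None
        if login not in expected_admins:
            reason = "administrator not in known-admin list"
        elif not_before and registered > not_before:
            reason = "known admin but registered after cutoff"
        if reason:
            findings.append({"id": uid, "login": login, "registered": registered,
                             "roles": sorted(roles), "reason": reason})
    return findings


if __name__ == "__main__":
    for hit in find_unexpected_admins(SAMPLE_ROWS, {"siteowner"}):
        print(hit)
```

An account that carries both the subscriber and administrator roles, as "bob" does in the sample, is exactly the pattern the audit step is looking for.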
Exploitation status
Public Exploit Available: false
Analyst recommendation
Privilege escalation vulnerabilities in plugins are high-value targets for attackers. Given the ease of exploitation, it is essential to update the Amelia plugin immediately and verify that no unauthorized administrative accounts have been created by existing subscribers.