Impact
The Admin and Site Enhancements plugin allows attackers to restore a previously demoted administrator account without any form of authentication or authorization. This flaw arises because the role-restoration handler lacks proper access control and nonce validation, enabling an unauthenticated user to elevate privileges and gain full administrative rights over the WordPress site.
Affected Systems
WordPress installations running the Admin and Site Enhancements (ASE) plugin or the admin-site-enhancements-pro variant with a version lower than 8.8.4 are at risk. The vulnerability exists in all prior releases up to, but not including, 8.8.4.
Risk and Exploitability
The vulnerability is highly impactful, with a CVSS score of 8.1. Its EPSS score of less than 1% indicates that exploitation attempts are currently rare, and the flaw is not listed in the CISA KEV catalog. An attacker can trigger the role-restoration endpoint simply by sending an unauthenticated HTTP request containing a reset-for parameter, making the exploit straightforward. Based on the description, it is inferred that no additional privileges are required to execute the attack.
OpenCVE Enrichment