CVE-2024-12824 Scanner
Nokri – Job Board WordPress Theme <= 1.6.2 - Unauthenticated Arbitrary Password Change CVE-2024-12824 Scanner
Short Info
Level: Critical
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 17 days 12 hours
Scan only one: Domain, Subdomain, IPv4
Nokri is a WordPress theme designed for creating job boards. It provides a flexible platform for managing job listings, applications, and employer/employee interactions. The theme is widely used by businesses and recruiters to create a professional online job portal. With features such as job posting, search filters, and resume management, it serves as an efficient solution for companies and individuals looking to hire or find employment. Nokri also supports integration with other plugins to extend its functionality. It is a popular choice among WordPress users due to its ease of use and feature-rich capabilities.
This vulnerability allows unauthenticated attackers to change any user's password, including administrators, on sites using the Nokri Job Board WordPress Theme. It occurs because the theme fails to properly validate the token before updating sensitive user details, such as passwords. The lack of proper token validation enables an attacker to bypass authentication and modify user credentials. By exploiting this flaw, attackers can take over user accounts, including admin accounts, which could lead to a full site compromise. The vulnerability affects all versions of the Nokri theme up to and including version 1.6.2.
The issue is triggered when an attacker sends a crafted POST request to the /wp-admin/admin-ajax.php endpoint with a valid action (sb_reset_password) and a manipulated password token. The request does not properly verify the token, allowing the attacker to reset the password of any user, including administrators. Once the password is successfully changed, the attacker can log into the victim's account using the new password. This vulnerability can be exploited without any prior authentication, making it a critical security risk for sites using the affected theme. Additionally, the attacker can perform the attack repeatedly with various user accounts to escalate privileges or compromise the site.
If exploited, this vulnerability allows attackers to gain unauthorized access to any account, including administrative accounts, on websites using the vulnerable theme. Once in control, attackers could alter the website's content, access sensitive data, or disrupt site operations. The ability to reset user passwords gives attackers the power to conduct privilege escalation attacks, making it easy to gain control over the entire site. This breach could lead to data theft, defacement, or other malicious activities. In a worst-case scenario, an attacker could use the compromised admin account to launch further attacks, such as installing malware or taking down the site completely.
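An asset owner can check an installation against the affected range stated above (up to and including 1.6.2) by reading the theme's style.css header. The following is an added example, not code from this page or from the theme; it assumes the theme name and folder slug contain "nokri" and relies on the standard WordPress "Version" and "Template" header fields. The sample headers are constructed.

```python
import re
import sys

LAST_AFFECTED = (1, 6, 2)  # this page: affected up to and including 1.6.2
WANTED = ("theme name", "version", "template")

def parse_theme_header(css_text):
    """Extract selected header fields from a WordPress theme style.css."""
    fields = {}
    for line in css_text[:8192].splitlines():  # headers sit in the top comment
        m = re.match(r"^[\s*/]*([A-Za-z ]+?)\s*:\s*(.*?)\s*(?:\*/)?\s*$", line)
        if m and m.group(1).lower() in WANTED:
            fields.setdefault(m.group(1).lower(), m.group(2))
    return fields

def parse_version(text):
    """'1.6.2' -> (1, 6, 2); None when the string is not dotted integers."""
    if not text or not re.fullmatch(r"\d+(\.\d+)*", text):
        return None
    parts = [int(p) for p in text.split(".")]
    while len(parts) > 1 and parts[-1] == 0:  # treat 1.6.2.0 as 1.6.2
        parts.pop()
    return tuple(parts)

def assess(css_text, slug="nokri"):  # slug is an assumed theme folder/name
    h = parse_theme_header(css_text)
    if h.get("template", "").lower() == slug:
        return "child-theme: check parent"  # child Version says nothing about parent
    if slug not in h.get("theme name", "").lower():
        return "not-nokri"
    v = parse_version(h.get("version"))
    if v is None:
        return "unknown-version"
    # Anything above 1.6.2 is outside the range stated on this page.
    return "affected" if v <= LAST_AFFECTED else "not-affected"

# Constructed sample headers, not taken from the real theme files.
SAMPLE_OLD = "/*\nTheme Name: Nokri\nVersion: 1.6.2\n*/\nbody { color: #333; }\n"
SAMPLE_NEW = "/*\n * Theme Name: Nokri\n * Version: 1.6.3 */\n"
SAMPLE_CHILD = "/*\nTheme Name: Nokri Child\nTemplate: nokri\nVersion: 1.0\n*/\n"

if __name__ == "__main__":
    # Usage: python check_nokri.py wp-content/themes/nokri/style.css
    for path in sys.argv[1:]:
        with open(path, encoding="utf-8", errors="replace") as fh:
            print(path, "->", assess(fh.read()))
```

A child theme reports its own version, so when the result is "child-theme: check parent" run the check again on the parent theme's style.css.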
REFERENCES
- https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-themes/nokri-2/nokri-job-board-wordpress-theme-162-unauthenticated-arbitrary-password-change
- https://themeforest.net/item/nokri-job-board-wordpress-theme/22677241
- https://www.wordfence.com/threat-intel/vulnerabilities/id/60a7cce0-637f-49bd-aa4a-fd7023d99a64?source=cve
- https://github.com/20142995/nuclei-templates