Skip to main content

Sonaar WordPress Theme EUVDEUVD-2025-210222

| CVE-2025-59563 HIGH
Incorrect Privilege Assignment (CWE-266)
2026-06-17 Patchstack
8.8
CVSS 3.1 · Vendor: Patchstack
Share

Severity by source

Vendor (Patchstack) PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vuln.today AI
8.8 HIGH

Network-reachable WordPress endpoint (AV:N/AC:L), requires an authenticated Subscriber (PR:L), no user interaction, and Subscriber-to-Admin escalation yields full C/I/A impact.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (Patchstack).

CVSS VectorVendor: Patchstack

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
Analysis Generated
Jun 17, 2026 - 12:45 vuln.today

DescriptionCVE.org

Subscriber Privilege Escalation in Sonaar <= 4.27.4 versions.

AnalysisAI

Privilege escalation in the Sonaar WordPress theme through version 4.27.4 allows an authenticated low-privileged user (Subscriber role) to elevate their permissions, gaining administrative control over the WordPress site. The flaw is categorized as CWE-266 (Incorrect Privilege Assignment) and was disclosed via Patchstack; no public exploit identified at time of analysis, but the low attacker prerequisites (any Subscriber account, which is often self-registerable on WordPress sites) make this a meaningful risk for affected installations.

Technical ContextAI

Sonaar is a commercial WordPress theme by Sonaar Music targeted at musicians, podcasters, and audio-focused sites, with built-in player and member-area features. The CPE cpe:2.3:a:sonaar_music:sonaar covers all versions up to and including 4.27.4. The root cause class, CWE-266 (Incorrect Privilege Assignment), typically arises in WordPress themes when AJAX handlers, profile-update endpoints, or option-setting routines fail to verify the caller's capability (e.g. missing current_user_can() checks) or accept user-controlled role/meta values such as wp_capabilities or wp_user_level directly from request input, allowing a logged-in Subscriber to escalate to Administrator.

RemediationAI

Patch availability is not explicitly confirmed in the provided data, so consult the Patchstack advisory at https://patchstack.com/database/wordpress/theme/sonaar/vulnerability/wordpress-sonaar-theme-4-27-4-privilege-escalation-vulnerability for the vendor-released fixed version and upgrade Sonaar to any release later than 4.27.4 as soon as it is published. As compensating controls until patched: disable open user registration by unticking Settings > General > 'Anyone can register' (side effect: blocks legitimate self-signup, requiring manual or alternate onboarding); audit existing Subscriber accounts and remove unrecognized ones; place the site behind Patchstack's virtual patching or a WAF rule set that covers this CVE; and monitor for unexpected role/capability changes via a logging plugin such as WP Activity Log (overhead: extra DB writes per admin action).

Share

EUVD-2025-210222 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy