CVE-2025-4797 – “Golo – City Travel Guide WordPress Theme Privilege Escalation via Account Takeover”

June 3, 2025

CVE ID : CVE-2025-4797

Published : June 3, 2025, 5:15 a.m. | 29 minutes ago

Description : The Golo – City Travel Guide WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.7.0. This is due to the plugin not properly validating a user’s identity prior to setting an authorization cookie. This makes it possible for unauthenticated attackers to log in as any user, including administrators, provided they know the user’s email address.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2024-53010 – VMware ESXi Memory Corruption Vulnerability

Next Article CVE-2025-4224 – WordPress wpForo Advanced Attachments Stored Cross-Site Scripting Vulnerability

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

In MCP era API discoverability is now more important than ever

Google’s DeepMind CEO lists 2 AGI existential risks to society keeping him up at night — but claims “today’s AI systems” don’t warrant a pause on development

Anthropic researchers say next-generation AI models will reduce humans to “meat robots” in a spectrum of crazy futures

Xbox just quietly added two of the best RPGs of all time to Game Pass

7 reasons The Division 2 is a game you should be playing in 2025

Mastering TypeScript: How Complex Should Your Types Be?

Mastering TypeScript: How Complex Should Your Types Be?

IDMC – CDI Best Practices

PWC-IDMC Migration Gaps

Google’s DeepMind CEO lists 2 AGI existential risks to society keeping him up at night — but claims “today’s AI systems” don’t warrant a pause on development

Google’s DeepMind CEO lists 2 AGI existential risks to society keeping him up at night — but claims “today’s AI systems” don’t warrant a pause on development

Anthropic researchers say next-generation AI models will reduce humans to “meat robots” in a spectrum of crazy futures

Xbox just quietly added two of the best RPGs of all time to Game Pass

CVE-2025-4797 – “Golo – City Travel Guide WordPress Theme Privilege Escalation via Account Takeover”

Fake Recruiter Emails Target CFOs Using Legit NetBird Tool Across 6 Global Regions

Qualcomm Fixes 3 Zero-Days Used in Targeted Android Attacks via Adreno GPU

New to the web platform in June

Microsoft Teams launches as a single app for work, personal, and education

Alice Calls

Beyond Aha Moments: Structuring Reasoning in Large Language Models

Valuable Tips for Engaging with Tech Users

ElasticLens: Eloquent-Powered Elasticsearch for Laravel

How do you enter data from a jhtml Area element using selenium?

Intel’s new CEO, Lip-Bu Tan, will deliver a keynote speech to enterprise audiences at Vision 2025 — Streamed live on YouTube

CVE-2025-4797 – “Golo – City Travel Guide WordPress Theme Privilege Escalation via Account Takeover”

Related Posts