CVE-2025-4797 is an authentication bypass vulnerability classified under CWE-288, found in the Golo - City Travel Guide WordPress theme developed by uxper. The vulnerability exists in all versions up to and including 1.7.0 due to improper validation of user identity before setting authorization cookies. Specifically, the theme fails to verify that a user is legitimately authenticated before assigning an authorization cookie, allowing an attacker to impersonate any user by simply knowing their email address. This bypasses normal authentication mechanisms, enabling privilege escalation and account takeover, including administrator accounts. The vulnerability is remotely exploitable over the network without requiring any user interaction or prior authentication, making it highly accessible to attackers. The CVSS v3.1 base score is 9.8, indicating critical severity with high impact on confidentiality, integrity, and availability. While no public exploits have been reported yet, the flaw poses a significant risk to websites using this theme, especially those that rely on it for user management and sensitive data. The lack of available patches at the time of reporting increases the urgency for mitigation. The vulnerability could lead to full site compromise, data theft, defacement, or use of the site as a pivot point for further attacks.

The impact of CVE-2025-4797 is severe for organizations using the Golo WordPress theme. An attacker can gain unauthorized access to any user account, including administrators, leading to complete site takeover. This compromises the confidentiality of user data and site content, the integrity of website operations, and the availability of services. Attackers could steal sensitive information, modify or delete content, inject malicious code, or disrupt services. For tourism-related businesses and city guide websites relying on this theme, the breach could damage reputation, cause financial loss, and erode user trust. Additionally, compromised sites could be leveraged to launch further attacks against visitors or connected networks. The ease of exploitation and lack of required authentication or user interaction amplify the threat, making it a critical risk globally wherever this theme is deployed.

Immediate mitigation steps include: 1) Updating the Golo theme to a patched version once released by the vendor; 2) If no patch is available, temporarily disabling or replacing the theme to prevent exploitation; 3) Implementing web application firewall (WAF) rules to detect and block suspicious requests attempting to set authorization cookies without proper authentication; 4) Monitoring access logs for unusual login patterns or repeated attempts to exploit the vulnerability; 5) Enforcing strong email address confidentiality to reduce attacker knowledge of valid user emails; 6) Applying principle of least privilege to user accounts to limit damage if compromise occurs; 7) Regularly backing up website data to enable recovery from potential attacks; 8) Conducting security audits and penetration testing to identify any exploitation attempts. Organizations should also educate administrators about this vulnerability and prepare incident response plans in case of compromise.