WordPress has released patches for two critical vulnerabilities in its Houzez theme and Houzez Login Register plugin, identified as CVE-2024-22303 and CVE-2024-21743. These vulnerabilities allow for privilege escalation, enabling malicious actors to elevate their access from low-privileged accounts to higher privileges, which poses a significant security risk. Users are strongly advised to update to the latest versions of the theme and plugin to safeguard their sites against potential exploitation.