Description
WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently create new user accounts with admin privileges. WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor version 2.3.5 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.3.6 or latest
References
Related Vulnerabilities
WordPress Plugin BuddyPress Security Bypass (2.3.4)
WordPress Plugin WP Socializer-Simple & Easy Social Media Share Icons Cross-Site Scripting (7.2)
WordPress Plugin ARPrice-Responsive Pricing Table Cross-Site Request Forgery (2.3)
Squid Uncontrolled Resource Consumption Vulnerability (CVE-2021-46784)