Description
WordPress Plugin UserPro-Community and User Profile is prone to multiple vulnerabilities, including security bypass, privilege escalation, information disclosure or cross-site request forgery vulnerabilities. An attacker may leverage these issues to perform otherwise restricted actions and subsequently log in as any existing user on the site, given they know the user's email address; to bypass the expected capabilities check and perform otherwise restricted actions; to obtain sensitive information that may help in launching further attacks; or to perform certain administrative actions and gain unauthorized access to the affected application. WordPress Plugin UserPro-Community and User Profile version 5.1.1 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 5.1.2 or the latest version.