WP User Manager < 2.6.3 - Arbitrary User Password Reset to Account Compromise
CVE-2021-24655

7.5HIGH

Key Information:

Vendor: Wordpress
Status: WP User Manager – User Profile Builder & Membership
Vendor: CVE Published:; 17 July 2022

Summary

The WP User Manager WordPress plugin before 2.6.3 does not ensure that the user ID to reset the password of is related to the reset key given. As a result, any authenticated user can reset the password (to an arbitrary value) of any user knowing only their ID, and gain access to their account.

Affected Version(s)

WP User Manager – User Profile Builder & Membership 2.6.3

References

https://wpscan.com/vulnerability/cce03550-7f65-4172-819e-...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 17, 2022
Vulnerability Reserved
Jan 14, 2021

Credit

AyeCode Ltd