Data Modification Vulnerability in User Profile Builder Plugin for WordPress
CVE-2024-0324
7.5 HIGH
Key Information:
- Vendor: WordPress
- CVE Published: 5 February 2024
Summary
The User Profile Builder plugin for WordPress is susceptible to unauthorized data modification due to the absence of capability checks within the 'wppb_two_factor_authentication_settings_update' function. This flaw exists in all versions up to and including 3.10.8, allowing unauthenticated attackers to manipulate two-factor authentication (2FA) settings for any user role. As a result, attackers may enable or disable 2FA functionality available in the Premium version, which poses a significant security risk to users relying on this feature for enhanced account protection.
Affected Version(s)
User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor * <= 3.10.8
CVSS V3.1
- Score: 7.5
- Severity: HIGH
- Confidentiality: None
- Integrity: High
- Availability: None
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Kodai Kubono