Unauthorized Data Modification Vulnerability in User Registration Plugin
CVE-2024-4958

7.1HIGH

Key Information:

Vendor: Wordpress
Status: User Registration – Custom Registration Form, Login Form, And User Profile WordPress Plugin
Vendor: CVE Published:; 1 June 2024

Summary

The User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin is vulnerable to unauthorized modification of data. Due to a missing capability check in the 'import_form_action' function, authenticated attackers with contributor-level permissions and above can import a registration form that defaults the user role to administrator. This vulnerability allows such attackers to escalate their privileges, as any post or page published with a shortcode linked to the imported form can enable any user to register as an administrator. This poses a significant security risk, particularly for WordPress sites utilizing this plugin version.

Affected Version(s)

User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin * <= 3.2.0.1

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...

https://plugins.trac.wordpress.org/changeset/3095484/user...

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jun 1, 2024
Vulnerability Reserved
May 15, 2024

Credit

Thanh Nam Tran