CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35700 – WordPress UserPro plugin <= 5.1.8 - Unauthenticated Account Takeover vulnerability
https://notcve.org/view.php?id=CVE-2024-35700
Improper Privilege Management vulnerability in DeluxeThemes Userpro allows Privilege Escalation.This issue affects Userpro: from n/a through 5.1.8. Vulnerabilidad de gestión de privilegios inadecuada en DeluxeThemes Userpro permite la escalada de privilegios. Este problema afecta a Userpro: desde n/a hasta 5.1.8. The UserPro - Community and User Profile WordPress Plugin plugin for WordPress is vulnerable to unauthenticated account takeover in all versions up to, and including 5.1.8. This makes it possible for unauthenticated attackers to take over user accounts and gain highly privileged access to sites. • https://patchstack.com/database/vulnerability/userpro/wordpress-userpro-plugin-5-1-8-unauthenticated-account-takeover-vulnerability?_s_id=cve • CWE-269: Improper Privilege Management CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0701 – UserPro <= 5.1.6 - Disabled Membership Registration Bypass
https://notcve.org/view.php?id=CVE-2024-0701
The UserPro plugin for WordPress is vulnerable to Security Feature Bypass in all versions up to, and including, 5.1.6. This is due to the use of client-side restrictions to enforce the 'Disabled registration' Membership feature within the plugin's General settings. This makes it possible for unauthenticated attackers to register an account even when account registration has been disabled by an administrator. El complemento UserPro para WordPress es vulnerable a la omisión de funciones de seguridad en todas las versiones hasta la 5.1.6 incluida. Esto se debe al uso de restricciones del lado del cliente para aplicar la función de Membresía "Registro deshabilitado" dentro de la configuración general del complemento. • https://codecanyon.net/item/userpro-user-profiles-with-social-login/5958681 https://www.wordfence.com/threat-intel/vulnerabilities/id/ea070d9c-c04c-432f-a110-47b9eaa67614?source=cve • CWE-602: Client-Side Enforcement of Server-Side Security •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-2439 – UserPro <= 5.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
https://notcve.org/view.php?id=CVE-2023-2439
The UserPro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'userpro' shortcode in versions up to, and including, 5.1.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. El complemento UserPro para WordPress es vulnerable a cross site scripting almacenado a través del código abreviado 'userpro' en versiones hasta la 5.1.5 incluida debido a una sanitización de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados con permisos de nivel de colaborador y superiores inyecten scripts web arbitrarios en páginas que se ejecutarán cada vez que un usuario acceda a una página inyectada. • https://codecanyon.net/item/userpro-user-profiles-with-social-login/5958681 https://www.wordfence.com/threat-intel/vulnerabilities/id/21cb424c-4efd-4c12-a08a-6d574f118c28?source=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2023-2437 – UserPro <= 5.1.1 - Authentication Bypass to Administrator
https://notcve.org/view.php?id=CVE-2023-2437
The UserPro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.1.1. This is due to insufficient verification on the user being supplied during a Facebook login through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. An attacker can leverage CVE-2023-2448 and CVE-2023-2446 to get the user's email address to successfully exploit this vulnerability. El complemento UserPro para WordPress es vulnerable a la omisión de autenticación en versiones hasta la 5.1.1 incluida. • https://github.com/RxRCoder/CVE-2023-2437 http://packetstormsecurity.com/files/175871/WordPress-UserPro-5.1.x-Password-Reset-Authentication-Bypass-Escalation.html https://codecanyon.net/item/userpro-user-profiles-with-social-login/5958681 https://www.wordfence.com/threat-intel/vulnerabilities/id/b3cf9f38-c20e-40dc-a7a1-65b0c6ba7925?source=cve • CWE-287: Improper Authentication CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-2438 – UserPro <= 5.1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting via userpro_save_userdata
https://notcve.org/view.php?id=CVE-2023-2438
The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.0. This is due to missing or incorrect nonce validation on the 'userpro_save_userdata' function. This makes it possible for unauthenticated attackers to update the user meta and inject malicious JavaScript via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link. El complemento UserPro para WordPress es vulnerable a la Cross-Site Request Forgery en versiones hasta la 5.1.0 incluida. Esto se debe a una validación nonce faltante o incorrecta en la función 'userpro_save_userdata'. • https://codecanyon.net/item/userpro-user-profiles-with-social-login/5958681 https://www.wordfence.com/threat-intel/vulnerabilities/id/7d30adc5-27a5-4549-84fc-b930f27f03e5?source=cve • CWE-352: Cross-Site Request Forgery (CSRF) •