CVE-2023-2447 – UserPro <= 5.1.1 - Cross-Site Request Forgery to Sensitive Information Exposure
https://notcve.org/view.php?id=CVE-2023-2447
The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.1. This is due to missing or incorrect nonce validation on the 'export_users' function. This makes it possible for unauthenticated attackers to export the users to a csv file, granted they can trick a site administrator into performing an action such as clicking on a link. El complemento UserPro para WordPress es vulnerable a Cross-Site Request Forgery en versiones hasta la 5.1.1 incluida. Esto se debe a una validación nonce faltante o incorrecta en la función 'export_users'. • https://codecanyon.net/item/userpro-user-profiles-with-social-login/5958681 https://www.wordfence.com/threat-intel/vulnerabilities/id/0372efe4-b5be-4601-be43-5c12332ea1a5?source=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2023-6008 – UserPro <= 5.1.1 - Cross-Site Request Forgery via multiple functions
https://notcve.org/view.php?id=CVE-2023-6008
The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.1. This is due to missing or incorrect nonce validation on multiple functions. This makes it possible for unauthenticated attackers to add, modify, or delete user meta and plugin options. El complemento UserPro para WordPress es vulnerable a Cross-Site Request Forgery en versiones hasta la 5.1.1 incluida. Esto se debe a una validación nonce faltante o incorrecta en múltiples funciones. • https://codecanyon.net/item/userpro-user-profiles-with-social-login/5958681 https://www.wordfence.com/threat-intel/vulnerabilities/id/ed6e2b9e-3d70-4c07-a779-45164816b89c?source=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2023-2449 – UserPro <= 5.1.1 - Insecure Password Reset Mechanism
https://notcve.org/view.php?id=CVE-2023-2449
The UserPro plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 5.1.1. This is due to the plugin using native password reset functionality, with insufficient validation on the password reset function (userpro_process_form). The function uses the plaintext value of a password reset key instead of a hashed value which means it can easily be retrieved and subsequently used. An attacker can leverage CVE-2023-2448 and CVE-2023-2446, or another vulnerability like SQL Injection in another plugin or theme installed on the site to successfully exploit this vulnerability. El complemento UserPro para WordPress es vulnerable a restablecimientos de contraseña no autorizados en versiones hasta la 5.1.1 incluida. • http://packetstormsecurity.com/files/175871/WordPress-UserPro-5.1.x-Password-Reset-Authentication-Bypass-Escalation.html https://codecanyon.net/item/userpro-user-profiles-with-social-login/5958681 https://www.wordfence.com/threat-intel/vulnerabilities/id/de9be7bc-4f8a-4393-8ebb-1b1f141b7585?source=cve • CWE-620: Unverified Password Change •
CVE-2023-2438 – UserPro <= 5.1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting via userpro_save_userdata
https://notcve.org/view.php?id=CVE-2023-2438
The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.0. This is due to missing or incorrect nonce validation on the 'userpro_save_userdata' function. This makes it possible for unauthenticated attackers to update the user meta and inject malicious JavaScript via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link. El complemento UserPro para WordPress es vulnerable a la Cross-Site Request Forgery en versiones hasta la 5.1.0 incluida. Esto se debe a una validación nonce faltante o incorrecta en la función 'userpro_save_userdata'. • https://codecanyon.net/item/userpro-user-profiles-with-social-login/5958681 https://www.wordfence.com/threat-intel/vulnerabilities/id/7d30adc5-27a5-4549-84fc-b930f27f03e5?source=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2023-2437 – UserPro <= 5.1.1 - Authentication Bypass to Administrator
https://notcve.org/view.php?id=CVE-2023-2437
The UserPro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.1.1. This is due to insufficient verification on the user being supplied during a Facebook login through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. An attacker can leverage CVE-2023-2448 and CVE-2023-2446 to get the user's email address to successfully exploit this vulnerability. El complemento UserPro para WordPress es vulnerable a la omisión de autenticación en versiones hasta la 5.1.1 incluida. • https://github.com/RxRCoder/CVE-2023-2437 http://packetstormsecurity.com/files/175871/WordPress-UserPro-5.1.x-Password-Reset-Authentication-Bypass-Escalation.html https://codecanyon.net/item/userpro-user-profiles-with-social-login/5958681 https://www.wordfence.com/threat-intel/vulnerabilities/id/b3cf9f38-c20e-40dc-a7a1-65b0c6ba7925?source=cve • CWE-287: Improper Authentication CWE-288: Authentication Bypass Using an Alternate Path or Channel •