CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 1CVE-2024-0324 – User Profile Builder <= 3.10.8 - Missing Authorization to Plugin Settings Change via wppb_two_factor_authentication_settings_update
https://notcve.org/view.php?id=CVE-2024-0324
The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wppb_two_factor_authentication_settings_update' function in all versions up to, and including, 3.10.8. This makes it possible for unauthenticated attackers to enable or disable the 2FA functionality present in the Premium version of the plugin for arbitrary user roles. El complemento User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor para WordPress es vulnerable a modificaciones no autorizadas de datos debido a una falta de verificación de capacidad en la función 'wppb_two_factor_authentication_settings_update' en todas las versiones hasta la 3.10.8 incluida. Esto hace posible que atacantes no autenticados habiliten o deshabiliten la funcionalidad 2FA presente en la versión Premium del complemento para roles de usuario arbitrarios. • https://github.com/kodaichodai/CVE-2024-0324 https://github.com/WordpressPluginDirectory/profile-builder/blob/main/profile-builder/admin/admin-functions.php#L517 https://plugins.trac.wordpress.org/changeset/3022354 https://www.wordfence.com/threat-intel/vulnerabilities/id/23caef95-36b6-40aa-8dd7-51a376790a40?source=cve • CWE-284: Improper Access Control CWE-862: Missing Authorization •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22140 – WordPress Profile Builder Pro Plugin <= 3.10.0 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2024-22140
Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs Profile Builder Pro.This issue affects Profile Builder Pro: from n/a through 3.10.0. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Cozmoslabs Profile Builder Pro. Este problema afecta a Profile Builder Pro: desde n/a hasta 3.10.0. The Profile Builder Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.10.0. This is due to missing or incorrect nonce validation. • https://patchstack.com/database/vulnerability/profile-builder-pro/wordpress-profile-builder-pro-plugin-3-10-0-csrf-leading-to-account-takeover-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22142 – WordPress Profile Builder Pro Plugin <= 3.10.0 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2024-22142
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cozmoslabs Profile Builder Pro allows Reflected XSS.This issue affects Profile Builder Pro: from n/a through 3.10.0. La vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web ('Scripting entre sitios') en Cozmoslabs Profile Builder Pro permite el XSS reflejado. Este problema afecta a Profile Builder Pro: desde n/a hasta 3.10.0. The Profile Builder Pro plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via an unknown parameter in versions up to, and including, 3.10.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • https://patchstack.com/database/vulnerability/profile-builder-pro/wordpress-profile-builder-pro-plugin-3-10-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22141 – WordPress Profile Builder Pro Plugin <= 3.10.0 is vulnerable to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2024-22141
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Cozmoslabs Profile Builder Pro.This issue affects Profile Builder Pro: from n/a through 3.10.0. Exposición de información confidencial a una vulnerabilidad de actor no autorizado en Cozmoslabs Profile Builder Pro. Este problema afecta a Profile Builder Pro: desde n/a hasta 3.10.0. The Profile Builder Pro plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.10.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract a sensitive time-based one-time password (TOTP). • https://patchstack.com/database/vulnerability/profile-builder-pro/wordpress-profile-builder-pro-plugin-3-10-0-totp-secret-key-exposure-vulnerability?_s_id=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-6504 – Profile Builder <= 3.10.7 - Insecure Direct Object Reference to Sensitive Information Exposure via user_meta Shortcode
https://notcve.org/view.php?id=CVE-2023-6504
The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the wppb_toolbox_usermeta_handler function in all versions up to, and including, 3.10.7. This makes it possible for authenticated attackers, with contributor-level access and above, to expose sensitive information within user metadata. El complemento User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor para WordPress es vulnerable al acceso no autorizado a los datos debido a una falta de verificación de capacidad en la función wppb_toolbox_usermeta_handler en todas las versiones hasta la 3.10.7 incluida. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, expongan información confidencial dentro de los metadatos del usuario. • https://plugins.trac.wordpress.org/changeset/3012472/profile-builder https://www.wordfence.com/threat-intel/vulnerabilities/id/f515ccf8-7231-4728-b155-c47049087d42?source=cve • CWE-639: Authorization Bypass Through User-Controlled Key CWE-862: Missing Authorization •