Security News > 2020 > February > Severe vuln in WordPress plugin Profile Builder would happily hand anyone the keys to your kingdom

Severe vuln in WordPress plugin Profile Builder would happily hand anyone the keys to your kingdom
2020-02-17 14:46

A vulnerability in a popular WordPress user role plugin lets any random person create an admin-level account on targeted websites.

The bug in Profile Builder was given a CVSS score of 10.0 by WordPress security biz Wordfence, though precise details of the bug are not yet available on the usual CVE-tracking websites.

Profile Builder is a form-building plugin used mainly for blogs and websites with comment sections.

Wordfence reckoned in a detailed blog post that if, during initial setup of Profile Builder versions up to and including version 3.1.0, a site admin did not set a default user role field for newly registered users, a malicious person could simply submit a new user registration along with their own chosen user role, such as admin.

If no user role was defined by the site admin during initial setup of the plugin, the form field defining the user role was not present for new users registrations - yet the plugin would happily act on a form field if one was received.


News URL

https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/02/17/wordpress_profile_builder_v3_1_0_vuln/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Wordpress 7 2 95 44 18 159
Plugin 2 0 13 1 0 14