Vulnerabilities > CVE-2024-9518 - Unspecified vulnerability in Wpuserplus Userplus 1.0/1.1/2.0

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

wpuserplus

critical

NVD

Published: 2024-10-10

Updated: 2024-10-15

Summary

The UserPlus plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 2.0 due to insufficient restriction on the 'form_actions' and 'userplus_update_user_profile' functions. This makes it possible for unauthenticated attackers to specify their user role by supplying the 'role' parameter during a registration.

Vulnerable Configurations

Part	Description	Count
Application	Wpuserplus Wpuserplus Userplus 1.0 Wpuserplus Userplus 1.1 Wpuserplus Userplus 2.0	3

References

https://www.wordfence.com/threat-intel/vulnerabilities/id/2489e649-27f7-4ca0-8655-0957016fa89a?source=cve
https://plugins.trac.wordpress.org/browser/userplus/trunk/functions/user-functions.php?rev=1604604#L47