vendor:
WP User Avatar
by:
Numan Rajkotiya
9,8
CVSS
HIGH
Privilege Escalation
264
CWE
Product Name: WP User Avatar
Affected Version From: 3.0
Affected Version To: 3.1.3
Patch Exists: YES
Related CWE: CVE-2021-34621
CPE: 2.3:a:wordpress:wp_user_avatar:3.0
Metasploit:
N/A
Other Scripts:
N/A
Tags: wordpress,wp-plugin,packetstorm,cve,cve2021,intrusive
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Nuclei References:
https://www.wordfence.com/blog/2021/06/easily-exploitable-critical-vulnerabilities-patched-in-profilepress-plugin, https://nvd.nist.gov/vuln/detail/CVE-2021-34621, https://www.wordfence.com/blog/2021/06/easily-exploitable-critical-vulnerabilities-patched-in-profilepress-plugin/, http://packetstormsecurity.com/files/163973/WordPress-ProfilePress-3.1.3-Privilege-Escalation.html
Nuclei Metadata: {'max-request': 3, 'framework': 'wordpress', 'vendor': 'properfraction', 'product': 'profilepress'}
Platforms Tested: ProfilePress 3.0, Apache 2.4, and Windows Build 19043.928
2021
WordPress Plugin ProfilePress 3.1.3 – Privilege Escalation (Unauthenticated)
ProfilePress WordPress plugin is susceptible to a vulnerability in the user registration component in the ~/src/Classes/RegistrationAuth.php file that makes it possible for users to register on sites as an administrator.
Mitigation:
Upgrade to the latest version of the ProfilePress plugin to mitigate this vulnerability.
