User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin < 3.2.1 – Missing Authorization to Privilege Escalation | CVE 2024-4958 | Plugin Vulnerabilities

Description

The User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'import_form_action' function in versions up to, and including, 3.2.0.1. This makes it possible for authenticated attackers, with contributor-level permissions and above, to import a registration form with a default user role of administrator. If an administrator approves or publishes a post or page with the shortcode to the imported form, any user can register as an administrator.

Affects Plugins

user-registration

Fixed in 3.2.1

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/710574a8-a6e2-4ee6-9ea7-03a34994fec7

Classification

Type

NO AUTHORISATION

OWASP top 10

A5: Broken Access Control

CWE

CVSS

Miscellaneous

Original Researcher

Thanh Nam Tran

Verified

No

WPVDB ID

22bbfaff-80c4-4e23-88e0-8322679ce4cd

Timeline

Publicly Published

2024-05-31 (about 1 year ago)

Added

2024-05-31 (about 1 year ago)

Last Updated

2024-06-01 (about 1 year ago)

Other

Published

Title

Published

2024-11-11

Title

Matix Popup Builder <= 1.0.0 - Unauthenticated Arbitrary Options Update

Published

2025-01-16

Title

OPSI Israel Domestic Shipments <= 2.8.2 - Missing Authorization

Published

2026-01-06

Title

iPaymu Payment Gateway for WooCommerce < 2.0.3 - Missing Authentication to Unauthenticated Payment Bypass and Order Information Disclosure

Published

2025-04-04

Title

AdMail – Multilingual Back in-Stock Notifier for WooCommerce <= 1.7.0 - Missing Authorization

Published

2026-01-07

Title

Block Slider <= 2.2.3 - Missing Authorization