WordPress Plugin Vulnerabilities

uListing < 1.7 - Unauthenticated Arbitrary Account Creation

Description

The AJAX action stm_listing_register() accessible to both authenticated and unauthenticated users did not perform capability and CSRF checks, allowing an unauthenticated user to create arbitrary accounts on the blog, including administrator ones.

Affects Plugins

Plugin icon
ulisting
Fixed in 1.7

References

CVE
CVE-2021-4343
URL
https://blog.nintechnet.com/wordpress-ulisting-plugin-fixed-multiple-critical-vulnerabilities/

Classification

Type
ACCESS CONTROLS
OWASP top 10
A5: Broken Access Control
CWE
CWE-284
CVSS
9.8 (critical)

Miscellaneous

Original Researcher
Jerome Bruandet
Verified
Yes
WPVDB ID
3b946dcd-3224-4d40-89e1-ae039f0a9667

Timeline

Publicly Published
2021-01-28 (about 3 years ago)
Added
2021-01-28 (about 3 years ago)
Last Updated
2023-06-08 (about 11 months ago)

Other

Published
Title
Published
2021-01-22
Title
Doneren met Mollie < 2.8.5 - Unauthorised CSV Export leading to Sensitive Data Disclosure
Published
2023-10-16
Title
Templately < 2.2.6 - Unauthenticated Arbitrary Post Deletion
Published
2024-03-19
Title
Combo Blocks < 2.2.76 - Unauthenticated Password Protected Posts Access
Published
2024-02-28
Title
Download Manager < 3.2.85 - Unauthenticated File Download
Published
2021-04-14
Title
BuddyPress < 7.3.0 - Multiple Authenticated REST API Vulnerabilities