WordPress Plugin Vulnerabilities

User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin < 3.2.0 - Missing Authorization to Unauthenticated Media Deletion

Description

The User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the profile_pic_remove function in versions up to, and including, 3.1.5. This makes it possible for unauthenticated attackers to delete any media file.

Affects Plugins

Plugin icon
user-registration
Fixed in 3.2.0

References

CVE
CVE-2024-3295
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/864a3444-0479-4b9f-beca-584a4a9b8682

Classification

Type
NO AUTHORISATION
OWASP top 10
A5: Broken Access Control
CWE
CWE-862
CVSS
6.5 (medium)

Miscellaneous

Original Researcher
wesley (wcraft)
Verified
No
WPVDB ID
4c861222-e7fa-4956-b2d7-cacece693472

Timeline

Publicly Published
2024-04-15 (about 2 years ago)
Added
2024-04-15 (about 2 years ago)
Last Updated
2024-04-15 (about 2 years ago)

Other

Published
Title
Published
2025-01-30
Title
Food Menu – Restaurant Menu & Online Ordering for WooCommerce < 5.2.0 - Missing Authorization to Authenticated (Subscriber+) Settings Update
Published
2025-10-19
Title
ListingPro <= 2.9.9 - Missing Authorization
Published
2023-12-06
Title
System Dashboard < 2.8.8 - Missing Authorization to Information Disclosure (sd_global_value)
Published
2022-11-28
Title
WP Shamsi < 4.1.1 - Unauthenticated Arbitrary Plugin Deactivation
Published
2025-01-06
Title
LazyLoad Background Images <= 1.0.7 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update