WordPress Plugin Vulnerabilities

Profile Builder < 3.9.1 - Unauthorised Password Reset

Description

The plugin does not properly validate the password reset key, which could lead to attackers to reset arbitrary account password and gain access to them using CVE-2023-0814 or other vulnerabilities allowing for the Reser ket retrieval such as SQLi

Affects Plugins

Plugin icon
profile-builder
Fixed in 3.9.1

References

CVE
CVE-2023-2297
URL
https://lana.codes/lanavdb/512e7307-04a5-4d8b-8f79-f75f37784a9f/
URL
https://www.wordfence.com/blog/2023/03/vulnerability-patched-in-cozmolabs-profile-builder-plugin-information-disclosure-leads-to-account-takeover/

Classification

Type
PRIVESC
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-269
CVSS
8.8 (high)

Miscellaneous

Original Researcher
Lana Codes
Verified
No
WPVDB ID
7d4a6b1a-047b-4ce7-9055-1f579e4c1fd7

Timeline

Publicly Published
2023-02-13 (about 3 years ago)
Added
2023-04-27 (about 3 years ago)
Last Updated
2023-04-27 (about 3 years ago)

Other

Published
Title
Published
2026-03-20
Title
Creator LMS < 1.1.19 - Contributor+ Privilege Escalation
Published
2025-09-20
Title
Simple User Registration <= 6.4 - Authenticated (Contributor+) Privilege Escalation
Published
2023-08-11
Title
Premium Packages - Sell Digital Products Securely < 5.7.5 - Subscriber+ Privilege Escalation
Published
2020-03-07
Title
Custom Searchable Data Entry System <= 1.7.1 - Unauthenticated Data Modification and Deletion
Published
2025-08-18
Title
Real Spaces - WordPress Properties Directory Theme < 3.6 - Authenticated (Subscriber+) Privilege Escalation to Administrator via 'change_role_member'