WordPress Plugin Vulnerabilities

UserPro < 5.1.2 - Authentication Bypass to Administrator

Description

The UserPro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.1.1. This is due to insufficient verification on the user being supplied during a Facebook login through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. An attacker can leverage CVE-2023-2448 and CVE-2023-2446 to get the user's email address to successfully exploit this vulnerability.

Affects Plugins

Plugin icon
userpro
Fixed in 5.1.2

References

CVE
CVE-2023-2437
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/b3cf9f38-c20e-40dc-a7a1-65b0c6ba7925

Classification

Type
AUTHBYPASS
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-287
CVSS
9.8 (Critical)

Miscellaneous

Original Researcher
István Márton
Verified
No
WPVDB ID
cdeed0ad-8023-4fb3-8ce7-fd02971f82af

Timeline

Publicly Published
2023-11-21 (about 2 years ago)
Added
2023-11-23 (about 2 years ago)
Last Updated
2023-11-24 (about 2 years ago)

Other

Published
Title
Published
2014-08-01
Title
Groups 1.4.5 - Negated Role Capability H&ling Elevated Privilege Issue
Published
2023-07-18
Title
OAuth Single Sign On – SSO (OAuth Client) < 6.23.4 - Improper Authentication
Published
2022-02-22
Title
RW Divi Unite Gallery <= 1.0 - Security Bypass via Outdated Freemius
Published
2025-12-12
Title
Ninja Forms < 3.13.3 - Unauthenticated Token Generation and Submission Disclosure
Published
2018-03-03
Title
Super Socializer < 7.11 - Authentication Bypass