WordPress Plugin Vulnerabilities

UserPro < 5.1.2 - Sensitive Information Disclosure via Shortcode

Description

The UserPro plugin for WordPress is vulnerable to sensitive information disclosure via the 'userpro' shortcode in versions up to, and including 5.1.1. This is due to insufficient restriction on sensitive user meta values that can be called via that shortcode. This makes it possible for authenticated attackers, with subscriber-level permissions, and above to retrieve sensitive user meta that can be used to gain access to a high privileged user account.

Affects Plugins

Plugin icon
userpro
Fixed in 5.1.2

References

CVE
CVE-2023-2446
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/4072ba5f-6385-4fa3-85b6-89dac7b60a92

Classification

Type
SENSITIVE DATA DISCLOSURE
OWASP top 10
A3: Sensitive Data Exposure
CWE
CWE-200
CVSS
6.5 (medium)

Miscellaneous

Original Researcher
István Márton
Verified
No
WPVDB ID
df8bfaa9-79e0-4bb2-909c-fdc9c21f3d9e

Timeline

Publicly Published
2023-11-21 (about 2 years ago)
Added
2023-11-23 (about 2 years ago)
Last Updated
2024-01-22 (about 2 years ago)

Other

Published
Title
Published
2025-09-25
Title
Email marketing for WordPress by GetResponse Official < 1.5.4 - Authenticated (Subscriber+) Information Exposure
Published
2020-12-17
Title
ListingPro < 2.6.1 - Unauthenticated Sensitive Data Disclosure (Usernames, Emails etc)
Published
2026-03-12
Title
RSVP and Event Management < 2.7.17 - Unauthenticated Information Exposure
Published
2025-10-10
Title
WP Gmail SMTP <= 1.0.7 - Sensitive Information Exposure
Published
2024-04-05
Title
User Spam Remover < 1.1 - Unauthenticated Sensitive Information Exposure