Simple Membership < 4.3.5 – Privilege escalation via Registration | CVE 2023-41957 | Plugin Vulnerabilities

Description

The Simple Membership plugin for WordPress is vulnerable to privilege escalation due to missing input validation on the create_swpm_user function in versions up to, and including, 4.3.4. This makes it possible for unauthenticated attackers to register users with arbitrary membership levels. Since membership levels can be granted a higher user role than subscriber, this can lead to privilege escalation

Affects Plugins

simple-membership

Fixed in 4.3.5

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/7cff7dc5-23e1-424c-923b-68eef49dec6f

Miscellaneous

Original Researcher

Rafie Muhammad

Verified

No

WPVDB ID

e97ec5de-d746-4b93-b17f-719a0f426df6

Timeline

Publicly Published

2023-09-25 (about 2 years ago)

Added

2023-11-24 (about 2 years ago)

Last Updated

2023-11-24 (about 2 years ago)

Other

Published

Title

Published

2014-08-01

Title

Encrypted Blog 0.0.6.2 - encrypt_blog_form.php redirect_to Parameter Arbitrary Site Redirect

Published

2019-10-25

Title

WP HTML Mail < 2.9.1 - HTML Injection

Published

2023-10-25

Title

All In One WP Security < 5.2.5 - Protection Bypass of Renamed Login Page via URL Encoding

Published

2014-08-01

Title

Persuasion <= 2.4 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion

Published

2014-08-01

Title

vTiger - CRM Lead Capture Unspecified