• Resolved softwaregeek

    (@softwaregeek)


    A critical vulnerability in the plugin (CVE-2023-3460) allows an unauthenticated attacker to register as an administrator and take full control of the website. The problem occurs with the plugin registration form. In this form it appears possible to change certain values for the account to be registered. This includes the “wp_capabilities” value, which determines the user’s role on the website.

    The plugin doesn’t allow users to enter this value, but this filter turns out to be easy to bypass, making it possible to edit wp_capabilities and become an admin.

    • This topic was modified 10 months, 3 weeks ago by softwaregeek.

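The failure the report describes is a filter that tries to reject one bad field name while still letting the submission decide which meta keys get written. The sketch below is an added illustration written for this thread, not code from Ultimate Member or from anyone posting here: the form's own declared field names are the only source of keys (an allowlist), and a separate guard refuses any key that resolves to a capabilities or role meta before anything is saved. The field names, the sample submission, the `wp_` table prefix and the helper functions are assumptions for the example; it needs PHP 8 for `str_ends_with`.

```php
<?php
// Added example (not the plugin's code): allowlist-based handling of a
// front-end registration form. Field names and the submission below are
// constructed for this illustration; the real table prefix may differ from wp_.

declare(strict_types=1);

// WordPress keeps privilege in "{prefix}capabilities" and "{prefix}user_level".
// Match on the suffix so the check does not depend on the site's table prefix.
const PROTECTED_META_SUFFIXES = ['capabilities', 'user_level'];

// Weak pattern: the submission decides the keys; only an exact-match name is
// dropped. Any spelling the comparison does not anticipate is written as-is.
function filter_by_denylist(array $submitted): array
{
    $denied = ['wp_capabilities'];
    return array_filter(
        $submitted,
        fn(string $key): bool => !in_array($key, $denied, true),
        ARRAY_FILTER_USE_KEY
    );
}

// Hardened pattern: the form's declared fields decide the keys; the submission
// is consulted only for values. Undeclared keys never reach the meta table.
function filter_by_allowlist(array $submitted, array $form_fields): array
{
    $clean = [];
    foreach ($form_fields as $field) {
        if (array_key_exists($field, $submitted)) {
            $clean[$field] = trim((string) $submitted[$field]);
        }
    }
    return $clean;
}

// Defence in depth: before any user meta is written, refuse the whole request
// if any key, after normalisation, targets capabilities, user level or role.
function assert_no_privilege_keys(array $meta): void
{
    foreach (array_keys($meta) as $key) {
        $normalised = strtolower(trim((string) $key));
        if ($normalised === 'role') {
            throw new RuntimeException("Refusing registration: privileged key '$key'");
        }
        foreach (PROTECTED_META_SUFFIXES as $suffix) {
            if (str_ends_with($normalised, $suffix)) {
                throw new RuntimeException("Refusing registration: privileged key '$key'");
            }
        }
    }
}

// Constructed submission: the three declared fields plus two keys the form
// never declared, one of them the capabilities meta key.
$form_fields = ['user_login', 'user_email', 'description'];
$submitted = [
    'user_login'      => 'alice',
    'user_email'      => 'alice@example.test',
    'description'     => ' Hello ',
    'wp_capabilities' => 'constructed-value',
    'wp_user_level'   => 'constructed-value',
];

// Allowlist path: only declared fields survive, so the guard passes.
$clean = filter_by_allowlist($submitted, $form_fields);
assert_no_privilege_keys($clean);
var_export($clean);
echo "\n";

// The same guard applied to the raw submission rejects the request outright,
// which is what should happen even if an upstream filter was bypassed.
try {
    assert_no_privilege_keys($submitted);
    echo "unexpected: privileged keys accepted\n";
} catch (RuntimeException $e) {
    echo $e->getMessage(), "\n";
}
```

The point of the two functions together is that neither relies on recognising a bad key by name: `filter_by_allowlist` never reads key names from the request, and `assert_no_privilege_keys` fails closed for the whole submission rather than silently dropping one field. Where a site needs a field whose name legitimately ends in one of the protected suffixes, it should be renamed rather than exempted.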

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support andrewshu

    (@andrewshu)

    Hi @softwaregeek

    Thanks for your question. We have been working on the fixes related to this vulnerability since version 2.6.3, when we got a report from one of our customers. Versions 2.6.4, 2.6.5 and 2.6.6 partially close this vulnerability, but we are still working together with the WPScan team to get the best result. We also got their report with all the necessary details.

    All previous versions are vulnerable, so we highly recommend upgrading your websites to 2.6.6 and keeping up with updates in the future to get the latest security and feature enhancements.

    We are currently working on fixing a remaining issue and will release a further update as soon as possible.

    Let me know if you have other questions,
    Best Regards!

    Plugin Support andrewshu

    (@andrewshu)

    Hello @softwaregeek

    Sorry for the delay; we released version 2.6.7 of UM with the vulnerability fix. Please update UM.

    Regards.

    Plugin Support andrewshu

    (@andrewshu)

    Hi @softwaregeek

    This thread has been inactive for a while so we’re going to go ahead and mark it Resolved.

    Please feel free to re-open this thread if any other questions come up and we’d be happy to help. 🙂

    Regards

  • The topic ‘CVE-2023-3460’ is closed to new replies.