A critical vulnerability in the plugin (CVE-2023-3460) allows an unauthenticated attacker to register as an administrator and take full control of the website. The problem occurs with the plugin's registration form. In this form it appears possible to change certain values for the account to be registered. This includes the “wp_capabilities” value, which determines the user’s role on the website.
The plugin doesn’t allow users to enter this value, but this filter turns out to be easy to bypass, making it possible to edit wp_capabilities and become an admin.
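The post describes a mass-assignment flaw: a registration form that copies submitted keys into user metadata and relies on a blocklist to keep “wp_capabilities” out. The defensive pattern is the opposite one, an exact-match allowlist of fields a self-registering user may set, with the role assigned server-side from configuration. The following is an added example written for this thread, not the plugin’s own code or a WordPress API; the field names, the `subscriber` default role and the sample request are assumptions for illustration, and plain PHP is used so it runs without WordPress.

```php
<?php
// Added example (not the plugin's code): filter submitted registration
// fields with an allowlist so that role-bearing meta such as
// "wp_capabilities" can never reach the user record.
// Field names below are assumptions for illustration.

/**
 * Meta keys a self-registering user may set. Everything else is dropped.
 * Exact-match allowlisting has nothing to bypass: keys that are not
 * on this list are never consulted, however they are spelled.
 */
const REGISTRATION_ALLOWED_FIELDS = [
    'user_login',
    'user_email',
    'first_name',
    'last_name',
    'description',
];

/**
 * Return only the allowlisted fields from a submitted form, with
 * values restricted to scalars so arrays cannot smuggle structure.
 */
function filter_registration_fields(array $submitted): array
{
    $clean = [];
    foreach (REGISTRATION_ALLOWED_FIELDS as $field) {
        if (array_key_exists($field, $submitted) && is_scalar($submitted[$field])) {
            $clean[$field] = (string) $submitted[$field];
        }
    }
    return $clean;
}

/**
 * Build the user record. The role comes from configuration after
 * filtering, never from the request body.
 */
function build_new_user(array $submitted, string $default_role = 'subscriber'): array
{
    $user = filter_registration_fields($submitted);
    $user['wp_capabilities'] = [$default_role => true];
    return $user;
}

// Constructed sample request: legitimate fields plus attempts to write
// role-related meta directly. The allowlist drops the latter and the
// role is set to the configured default.
$sample = [
    'user_login'      => 'alice',
    'user_email'      => 'alice@example.test',
    'wp_capabilities' => ['administrator' => true],
    'wp_user_level'   => '10',
];

$user = build_new_user($sample);
echo json_encode($user, JSON_PRETTY_PRINT), PHP_EOL;
```

Running the script prints a record containing only `user_login`, `user_email` and `wp_capabilities` set to `{"subscriber": true}`; the submitted `wp_capabilities` and `wp_user_level` values never reach the output because no code path reads unlisted keys. For detection, logging submissions that contain keys outside the allowlist gives a cheap signal of probing against the form.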