CVE-2020-36155

nvd nist nuclei

Published: Jan 4, 2021Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

An issue was discovered in the Ultimate Member plugin before 2.1.12 for WordPress, aka Unauthenticated Privilege Escalation via User Meta. An attacker could supply an array parameter for sensitive metadata, such as the wp_capabilities user meta that defines a user's role. During the registration process, submitted registration details were passed to the update_profile function, and any metadata was accepted, e.g., wp_capabilities[administrator] for Administrator access.

Affected (1)

Products: Ultimatemember: Ultimate Member

1 product

Ultimate Member

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Ultimatemember Ultimate Member	Before 2.1.12

Related CWEs

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (6)

https://wordpress.org/plugins/ultimate-member/#developers

Source: cve@mitre.org

Release NotesThird Party Advisory

https://wpscan.com/vulnerability/cf13b0f8-5815-4d27-a276-5eff8985fc0b

Source: cve@mitre.org

ExploitThird Party Advisory

https://www.wordfence.com/blog/2020/11/critical-privilege-escalation-vulnerabilities-affect-100k-sites-using-ultimate-member-plugin/

Source: cve@mitre.org

ExploitThird Party Advisory

https://wordpress.org/plugins/ultimate-member/#developers

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesThird Party Advisory

https://wpscan.com/vulnerability/cf13b0f8-5815-4d27-a276-5eff8985fc0b

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://www.wordfence.com/blog/2020/11/critical-privilege-escalation-vulnerabilities-affect-100k-sites-using-ultimate-member-plugin/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.