#VU77841 Improper Authorization in Ultimate Member - User Profile & Membership Plugin - CVE-2023-3460

Cybersecurity Help s.r.o.

Published: 2023-06-30 | Updated: 2023-07-27

Vulnerability identifier: #VU77841

Vulnerability risk: Critical

CVSSv4.0: 9.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red]

CVE-ID: CVE-2023-3460

CWE-ID: CWE-285

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
Ultimate Member - User Profile & Membership Plugin
Web applications / Modules and components for CMS

Vendor: Ultimate Member

Description

The vulnerability allows a remote attacker to compromise the affected website.

The vulnerability exists due to improper authorization within the registration functionality. A remote non-authenticated attacker can register a rouge administrative account and compromise the web application.

Note, the vulnerability is being actively exploited in the wild.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Ultimate Member - User Profile & Membership Plugin: 2.6.3 - 2.6.5

External links
https://wordpress.org/support/topic/security-issue-144/#post-16859857
https://www.bleepingcomputer.com/news/security/hackers-exploit-zero-day-in-ultimate-member-wordpress-plugin-with-200k-installs/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

Latest bulletins with this vulnerability

Improper authorization in Ultimate Member plugin for WordPress