CVE-2020-13693
Published 2020-05-29

CVE-2020-13693: An unauthenticated privilege-escalation issue exists in the bbPress plugin before 2.6.5 for WordPress when New User Registration is enabled.
Priority: P2 · 74 · critical 9.8 (CVSS 3.1)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EXPLOIT · EPSS 43.88% (98.6th percentile)
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bbpress | bbpress | < 2.6.5 | 2.6.5 |
| bbpress | bbpress | >= 0 < 2.6.5 | 2.6.5 |
Detection & IOCs (extracted from sources)

Snort rule:
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET EXPLOIT Possible WordPress Plugin BBPress 2.5 - Unauthenticated Priv Esc Attempt (CVE-2020-13693)"; flow:established,to_server; http.method; content:"POST"; http.request_body; content:"user_login"; content:"user_pass"; distance:0; content:"|22|bbp_keymaster|22|"; distance:0; fast_pattern; reference:url,www.exploit-db.com/exploits/48534; reference:cve,2020-13693; classtype:attempted-admin; sid:2030239; rev:1; metadata:affected_product Wordpress_Plugins, attack_target Web_Server, created_at 2020_06_02, cve CVE_2020_13693, deployment Perimeter, performance_impact Low, confidence Medium, signature_severity Major, updated_at 2020_06_02;)
- The vulnerability only exists when 'New User Registration' is enabled on the WordPress site. Sites with registration disabled are not affected.
- The Snort/ET rule (sid:2030239) uses 'fast_pattern' on the '"bbp_keymaster"' byte pattern (|22|bbp_keymaster|22|), meaning detection depends on the literal JSON/form-encoded string being present in the POST body. Obfuscated or chunked transfer encoding may evade this rule.
CVSS provenance

- NVD v3.1: 9.8 CRITICAL, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- NVD v2.0: 7.5 HIGH, AV:N/AC:L/Au:N/C:P/I:P/A:P
GHSA (2022-05-24)

CVE-2020-13693 [CRITICAL] CWE-269 bbPress unauthenticated privilege-escalation
An unauthenticated privilege-escalation issue exists in the bbPress plugin before 2.6.5 for WordPress when New User Registration is enabled.
OSV (2022-05-24)

CVE-2020-13693 [CRITICAL] bbPress unauthenticated privilege-escalation
An unauthenticated privilege-escalation issue exists in the bbPress plugin before 2.6.5 for WordPress when New User Registration is enabled.
Suricata (2020-06-02, CVSS 9.8)

CVE-2020-13693 [CRITICAL] ET EXPLOIT Possible WordPress Plugin BBPress 2.5 - Unauthenticated Priv Esc Attempt (CVE-2020-13693)
Rule: sid:2030239 (same rule as listed under Detection & IOCs above).
No writeups or analysis indexed.
References

- http://packetstormsecurity.com/files/157885/WordPress-BBPress-2.5-Privilege-Escalation.html
- https://bbpress.org/blog/2020/05/bbpress-2-6-5-is-out/
- https://codex.bbpress.org/releases/
- https://wordpress.org/plugins/bbpress/#developers