CVE-2024-2417
Published: 2024-05-02
Priority: P279 · Severity: high · CVSS 3.1 base score: 8.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
ITW: listed in VulnCheck KEV (exploited in the wild)
EPSS: 0.94% (56.4th percentile)
The User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the form_save_action() function in all versions up to, and including, 3.1.5. This makes it possible for authenticated attackers, with subscriber-level access and above, to update the registration form and make the default registration role administrator. This subsequently allows the attacker to register an account as an administrator on the site.
CVSS provenance
NVD (v3.1): 8.8 HIGH, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
VulnCheck: 8.8 HIGH
GHSA
GHSA-qrjj-6qvw-q37p · ghsa_unreviewed · 2024-05-02
CVE-2024-2417 [HIGH] · CWE-862 (Missing Authorization)
Description: identical to the description above (missing capability check on form_save_action(), versions up to and including 3.1.5).
VulnCheck
WPEverest User Registration - Custom Registration Form, Login Form, and User Profile WordPress Plugin form_save_action Vulnerability
vulncheck · 2024 · CVSS 8.8 · CVE-2024-2417 [HIGH]
Description: identical to the description above (missing capability check on form_save_action(), versions up to and including 3.1.5).
Affected: WPEverest User Registration - Custom Registration Form, Login Form, and User Profile WordPress Plugin
Required Ac
Suricata
Note: the two rules below are indexed here only because they carry reference:bugtraq,2417. They detect the snmpXdmi RPC overflow (CVE-2001-0236) and do not detect exploitation of CVE-2024-2417.
GPL RPC snmpXdmi overflow attempt TCP
suricata · 2010-09-23 · CVE-2001-0236
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL RPC snmpXdmi overflow attempt TCP"; flow:established,to_server; content:"|00 01 87 99|"; depth:4; offset:16; content:"|00 00 01 01|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; byte_test:4,>,1024,20,relative; content:"|00 00 00 00|"; depth:4; offset:8; reference:bugtraq,2417; reference:cve,2001-0236; reference:url,www.cert.org/advisories/CA-2001-05.html; classtype:attempted-admin; sid:2100569; rev:16; metadata:created_at 2010_09_23, cve CVE_2001_0236, confidence Medium, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
GPL RPC portmap snmpXdmi request TCP
suricata · 2010-09-23 · CVE-2001-0236
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 111 (msg:"GPL RPC portmap snmpXdmi request TCP"; flow:established,to_server; content:"|00 01 86 A0|"; depth:4; offset:16; content:"|00 00 00 03|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; content:"|00 01 87 99|"; within:4; content:"|00 00 00 00|"; depth:4; offset:8; reference:bugtraq,2417; reference:cve,2001-0236; reference:url,www.cert.org/advisories/CA-2001-05.html; classtype:rpc-portmap-decode; sid:2100593; rev:20; metadata:created_at 2010_09_23, cve CVE_2001_0236, signature_severity Informational, updated_at 2024_03_08;)
No public exploits indexed.
No writeups or analysis indexed.
References:
https://github.com/wpeverest/user-registration/commit/d265273aa4dddb24ade929be78c6bf1766f1cf00
https://plugins.trac.wordpress.org/changeset/3070439/user-registration/trunk/includes/class-ur-ajax.php
https://www.wordfence.com/threat-intel/vulnerabilities/id/d03459d8-b1f2-4270-a294-403754db1f2f?source=cve
Published: 2024-05-02 · Exploited in the wild