CVE-2021-24527
CRITICAL EXPLOITED NUCLEIProfile Builder < 3.4.9 - Unauthenticated Admin Password Reset via Reset Key Bypass
Title source: llmExploitation Summary
CVE-2021-24527 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.
Description
The User Registration & User Profile – Profile Builder WordPress plugin before 3.4.9 has a bug allowing any user to reset the password of the admin of the blog, and gain unauthorised access, due to a bypass in the way the reset key is checked. Furthermore, the admin will not be notified of such change by email for example.
Nuclei Templates (1)
Profile Builder < 3.4.9 - Improper Authentication
CRITICALVERIFIEDby Sourabh-Sahu
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://wpscan.com/vulnerability/c142e738-bc4b-4058-a03e-1be6fca47207
Scores
CVSS v3
9.8
EPSS
0.0770
EPSS Percentile
93.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
VulnCheck KEV
2023-01-11
CWE
CWE-287
Status
published
Products (1)
cozmoslabs/profile_builder
< 3.4.9
Published
Aug 16, 2021
Tracked Since
Feb 18, 2026