CVE-2023-2446

MEDIUM EXPLOITED

UserPro < 5.1.1 - Authenticated Sensitive Information Exposure via Shortcode

Title source: llm

Exploitation Summary

CVE-2023-2446 has been observed exploited in the wild (reported by VulnCheck KEV).

Description

The UserPro plugin for WordPress is vulnerable to sensitive information disclosure via the 'userpro' shortcode in versions up to, and including 5.1.1. This is due to insufficient restriction on sensitive user meta values that can be called via that shortcode. This makes it possible for authenticated attackers, with subscriber-level permissions, and above to retrieve sensitive user meta that can be used to gain access to a high privileged user account.

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry

http://packetstormsecurity.com/files/175871/WordPress-UserPro-5.1.x-Password-Reset-Authentication-Bypass-Escalation.html

Product

https://codecanyon.net/item/userpro-user-profiles-with-social-login/5958681

Third Party Advisory

https://www.wordfence.com/threat-intel/vulnerabilities/id/4072ba5f-6385-4fa3-85b6-89dac7b60a92?source=cve

Scores

CVSS v3 6.5

EPSS 0.0085

EPSS Percentile 53.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

VulnCheck KEV 2023-11-21

CWE

CWE-200

Status published

Products (2)

None/UserPro - Community and User Profile WordPress Plugin < 5.1.1

userproplugin/userpro < 5.1.2

Published Nov 22, 2023

Tracked Since Feb 18, 2026