CVE-2021-24527: Profile Builder < 3.4.9 - Admin Access via Password Reset

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-24527

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Profile Builder < 3.4.9 - Admin Access via Password Reset

Source: NVD (National Vulnerability Database)

Vulnerability Description

The User Registration & User Profile – Profile Builder WordPress plugin before 3.4.9 has a bug allowing any user to reset the password of the admin of the blog, and gain unauthorised access, due to a bypass in the way the reset key is checked. Furthermore, the admin will not be notified of such change by email for example.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

认证机制不恰当

Source: NVD (National Vulnerability Database)

Vulnerability Title

WordPress 插件授权问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

WordPress是Wordpress基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress 插件是WordPress开源的一个应用插件。 Profile Builder WordPress插件3.4.9之前版本存在授权问题漏洞，该漏洞源于插件在检查重置键的方法中存在绕过限制的问题，这允许任何用户重置博客的管理员密码，并获得未经授权的访问。此外，管理员将不会通过电子邮件获得密码变更的通知。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Unknown	User Registration & User Profile – Profile Builder	3.4.9 ~ 3.4.9	-

II. Public POCs for CVE-2021-24527

#	POC Description	Source Link	Shenlong Link
1	The Profile Builder plugin before 3.4.9 for WordPress allows unauthenticated attackers to gain administrative access by exploiting an improper authentication vulnerability in the password reset functionality. An attacker can reset the password of any user, including administrators, without proper authorization, leading to a complete site compromise.	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-24527.yaml	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-24527

Please Login to view more intelligence information

IV. Related Vulnerabilities

Same product: User Registration & User Profile – Profile Builder

CVE-2021-24448
Profile Builder < 3.4.8 - Authenticated Stored XSS

Same vendor: Unknown

Same weakness: CWE-287

V. Comments for CVE-2021-24527

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2021-24527

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-24527

III. Intelligence Information for CVE-2021-24527

IV. Related Vulnerabilities

V. Comments for CVE-2021-24527

Leave a comment