CVE-2019-10271

An issue was discovered in the Ultimate Member plugin 2.39 for WordPress. It allows unauthorized profile and cover picture modification. It is possible to modify the profile and cover picture of any user once one is connected. One can also modify the profiles and cover pictures of privileged users. To perform such a modification, one first needs to (for example) intercept an upload-picture request and modify the user_id parameter.

CVSS v3 4.3 MEDIUM
CVSS v2.0 4.0 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

4.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:N/I:P/A:N

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://cxsecurity.com/issue/WLB-2019060120	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:ultimatemember:ultimate_member:*:*:*:*:*:wordpress:*:*

History

No history.

Information

Published : 2019-06-24 19:15

Updated : 2024-03-05 21:11

NVD link : CVE-2019-10271

Mitre link : CVE-2019-10271

CVE.ORG link : CVE-2019-10271

JSON object : View

Products Affected

ultimatemember

ultimate_member

CWE

NVD-CWE-noinfo

{"id": "CVE-2019-10271", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2019-06-24T19:15:10.553", "references": [{"url": "https://cxsecurity.com/issue/WLB-2019060120", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in the Ultimate Member plugin 2.39 for WordPress. It allows unauthorized profile and cover picture modification. It is possible to modify the profile and cover picture of any user once one is connected. One can also modify the profiles and cover pictures of privileged users. To perform such a modification, one first needs to (for example) intercept an upload-picture request and modify the user_id parameter."}, {"lang": "es", "value": "Se detect\u00f3 un problema en el plugin Ultimate Member versi\u00f3n 2.39 para WordPress. Este permite la modificaci\u00f3n no autorizada del perfil y foto de portada. Es posible modificar el perfil y la imagen de portada de cualquier usuario una vez que est\u00e9 conectado. Tambi\u00e9n se puede modificar los perfiles y las im\u00e1genes de portada de usuarios privilegiados. Para realizar dicha modificaci\u00f3n, primero necesita (por ejemplo) interceptar una petici\u00f3n de carga de imagen y modificar el par\u00e1metro user_id."}], "lastModified": "2024-03-05T21:11:12.187", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ultimatemember:ultimate_member:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "A0451A41-7BA3-42DA-A431-52551BC7C4EE", "versionEndExcluding": "2.0.40"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}