Viewing 9 replies - 1 through 9 (of 9 total)
  • Plugin Author Mykyta Synelnikov

    (@nsinelnikov)

    Hi @celerystix

    We have been working on fixes related to this vulnerability since version 2.6.3, when we got a report from one of our customers. Versions 2.6.4, 2.6.5 and 2.6.6 partially close this vulnerability, but we are still working together with the WPScan team to get the best result. We have also received their report with all the necessary details.

    All previous versions are vulnerable, so we highly recommend upgrading your websites to 2.6.6 and keeping them updated in the future to get the latest security and feature enhancements.

    Let me know if you have other questions,
    Best Regards!

    Wordfence just published a blog post on this; they share some indicators of compromise to check, and it sounds like it would be a good idea to block the suspicious usernames and email address domain they identify from registering accounts via Ultimate Member > Settings > Access > Other.

    Our site requires all new registrations to be approved by an Admin. (I have confirmed that this setting is applied to all User Roles.) Does this protect us from the vulnerability?

    This is a very severe security vulnerability. As far as I understand, it doesn’t matter if all registrations require approval by an Admin. So the risk is still there.

    When are you planning to release a patch that solves this vulnerability?
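    The two posts above turn on whether admin approval of registrations protects a site, and the reply says it does not. Whatever the answer, a site owner waiting for the patch will want to know whether an account registered through the form already holds a role it should not. The script below is an added example, not code from the thread or from the Ultimate Member project: it runs the query a practitioner would run against the WordPress database, listing accounts registered since a cutoff date whose `wp_capabilities` meta contains any role beyond the expected default. It assumes the default `wp_` table prefix and `subscriber` as the role new registrations should receive (both are parameters), and it builds a constructed in-memory SQLite copy of `wp_users`/`wp_usermeta` so it runs offline; against a live site you would point the same query at MySQL.

```python
import re
import sqlite3

# Constructed sample rows standing in for wp_users and wp_usermeta. The logins, e-mail
# addresses and dates are invented for this example and are not indicators from the thread.
SAMPLE_USERS = [
    (1, "siteowner",     "owner@example.com",  "2019-03-02 10:00:00"),
    (2, "jane",          "jane@example.com",   "2023-06-20 08:15:00"),
    (3, "wpadminbackup", "x@attacker.example", "2023-06-30 02:41:09"),
    (4, "support_team",  "s@attacker.example", "2023-07-01 03:05:44"),
]
# WordPress stores roles as a PHP-serialized array under meta_key "<prefix>capabilities".
SAMPLE_META = [
    (1, "wp_capabilities", 'a:1:{s:13:"administrator";b:1;}'),
    (2, "wp_capabilities", 'a:1:{s:10:"subscriber";b:1;}'),
    (3, "wp_capabilities", 'a:1:{s:13:"administrator";b:1;}'),
    (4, "wp_capabilities", 'a:1:{s:6:"editor";b:1;}'),
]

# Matches each enabled role entry, e.g. s:13:"administrator";b:1;
ROLE_RE = re.compile(r's:\d+:"([^"]+)";b:1;')


def parse_roles(serialized: str) -> set:
    """Return the set of roles enabled in a PHP-serialized wp_capabilities value."""
    return set(ROLE_RE.findall(serialized))


def build_sample_db() -> sqlite3.Connection:
    """Create an in-memory stand-in for the two WordPress tables the audit needs."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE wp_users (
            ID INTEGER PRIMARY KEY, user_login TEXT, user_email TEXT, user_registered TEXT);
        CREATE TABLE wp_usermeta (
            umeta_id INTEGER PRIMARY KEY AUTOINCREMENT,
            user_id INTEGER, meta_key TEXT, meta_value TEXT);
    """)
    conn.executemany("INSERT INTO wp_users VALUES (?, ?, ?, ?)", SAMPLE_USERS)
    conn.executemany(
        "INSERT INTO wp_usermeta (user_id, meta_key, meta_value) VALUES (?, ?, ?)", SAMPLE_META)
    return conn


def elevated_recent_accounts(conn, since, allowed_roles=frozenset({"subscriber"}), prefix="wp_"):
    """List accounts registered on/after `since` holding any role outside `allowed_roles`.

    Returns a list of (user_login, user_email, user_registered, [unexpected roles]),
    ordered by registration time. `prefix` is the site's table prefix (assumed "wp_");
    it comes from configuration, not user input, which is why it is interpolated.
    """
    sql = f"""
        SELECT u.user_login, u.user_email, u.user_registered, m.meta_value
        FROM {prefix}users u
        JOIN {prefix}usermeta m ON m.user_id = u.ID
        WHERE m.meta_key = ? AND u.user_registered >= ?
        ORDER BY u.user_registered
    """
    hits = []
    for login, email, registered, caps in conn.execute(sql, (f"{prefix}capabilities", since)):
        unexpected = parse_roles(caps) - set(allowed_roles)
        if unexpected:
            hits.append((login, email, registered, sorted(unexpected)))
    return hits


if __name__ == "__main__":
    db = build_sample_db()
    for login, email, registered, roles in elevated_recent_accounts(db, "2023-06-01 00:00:00"):
        print(f"{registered}  {login:<15} {email:<22} roles={','.join(roles)}")
```

Any account this lists that the site owner did not deliberately promote deserves a closer look: check its registration time against the web server's access log for the `/register` request that created it, and review what it has done since (posts, options, uploaded files) before deleting it. The cutoff date should be the date the vulnerable version was installed, not the date the owner first heard of the issue.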

    Plugin Support calumallison

    (@calumallison)

    @ievatyte We are currently working on fixing a remaining issue and will release an update as soon as possible. Thank you

    Hi guys, thanks for working fast on this vulnerability. In the meantime, can you please confirm other security plugins that can help keep sites secure while we wait? For example, we use WP Cerber – is this plugin able to stop such malicious activity from getting through the UM vulnerability?

    Thanks

    Hi all, it seems that hackers currently exploiting this issue are mainly trying to attack YOURDOMAIN.COM/register (where ‘register’ is the default slug for registering).

    So while it’s certainly NOT a patch, you could make it a bit harder for hackers by temporarily changing the ‘register’ slug to something less predictable (not ‘registration’, but something more random).

    When UM releases the actual patch, you can of course rename the slug back to ‘register’.

    Plugin Support andrewshu

    (@andrewshu)

    Hi @celerystix

    This thread has been inactive for a while so we’re going to go ahead and mark it Resolved.

    Please feel free to re-open this thread if any other questions come up and we’d be happy to help.

    Regards

  • The topic ‘Security Vulnerability – WPScan’ is closed to new replies.