$2,063 Bounty Awarded for Privilege Escalation Vulnerability Patched in User Registration WordPress Plugin
🎉 Did you know we’re running a Bug Bounty Extravaganza again?
Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure!
On March 9th, 2024, during our second Bug Bounty Extravaganza, we received a submission for a Privilege Escalation vulnerability in User Registration, a WordPress plugin with more than 60,000 active installations. This vulnerability makes it possible for an authenticated attacker to grant themselves administrative privileges by updating the default user role.
Props to Stiofan who discovered and responsibly reported this vulnerability through the Wordfence Bug Bounty Program. This researcher earned a bounty of $2,063.00 for this discovery during our Bug Bounty Program Extravaganza. Our mission is to Secure the Web, which is why we are investing in quality vulnerability research and collaborating with researchers of this caliber through our Bug Bounty Program. We are committed to making the WordPress ecosystem more secure, which ultimately makes the entire web more secure.
All Wordfence Premium, Wordfence Care, and Wordfence Response customers, as well as those using the free version of our plugin, are protected against any exploits targeting this vulnerability by the Wordfence firewall’s protection.
We tried to contact WPEverest on March 13, 2024 through their contact form but did not receive a response. On April 9, 2024, we reached out directly to an email address we had from a previous disclosure and received a response the same day. The full disclosure details were then sent on April 10, 2024. After receiving the full disclosure details, the developer released a patch on April 15, 2024. We would like to commend WPEverest for their prompt response and timely patch.
We urge users to update their sites with the latest patched version of User Registration, which is version 3.2.0, as soon as possible.
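Beyond updating, site owners can add a defensive backstop for the weakness described above, where an authenticated user changes the site's default registration role. The following must-use plugin is an added example, not code from User Registration, WPEverest or Wordfence; the plugin name, function names and the list of forbidden roles are assumptions you should adapt to your site.

```php
<?php
/**
 * Plugin Name: Default Role Guard (hypothetical hardening example)
 * Description: Refuses to let the WordPress 'default_role' option be set to a
 *              privileged role, whichever code path attempts the change.
 * Install:     copy this file into wp-content/mu-plugins/ so it loads always.
 */

// Roles that must never become the default for new registrations.
// Assumption: this site only ever wants 'subscriber' (or similar) as default.
const DRG_FORBIDDEN_DEFAULT_ROLES = array( 'administrator', 'editor' );

/**
 * Runs via the core 'pre_update_option_default_role' filter, i.e. just before
 * update_option( 'default_role', ... ) writes the new value. Returning the old
 * value makes update_option() a no-op, so the change is silently refused.
 */
function drg_guard_default_role( $value, $old_value, $option ) {
    $user = wp_get_current_user();
    $who  = $user->ID ? sprintf( 'user #%d (%s)', $user->ID, $user->user_login ) : 'no logged-in user';

    // Block privileged roles outright, regardless of who asks.
    if ( in_array( $value, DRG_FORBIDDEN_DEFAULT_ROLES, true ) ) {
        error_log( sprintf( 'default_role change to "%s" refused; requested by %s', $value, $who ) );
        return $old_value;
    }

    // Only a full administrator should be able to change the default role at all,
    // so plugin code running on behalf of a lower-privileged user cannot change it.
    if ( ! current_user_can( 'manage_options' ) ) {
        error_log( sprintf( 'default_role change to "%s" refused; %s lacks manage_options', $value, $who ) );
        return $old_value;
    }

    return $value;
}
add_filter( 'pre_update_option_default_role', 'drg_guard_default_role', 10, 3 );
```

The refused attempts are written to the PHP error log, which gives a simple detection signal to watch for. Because the capability check also applies to WP-CLI, run `wp option update default_role subscriber --user=<admin-login>` when changing the role legitimately from the command line.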
Vulnerability Summary from Wordfence Intelligence
Description: User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin
Source: wordfence.com