Simple Membership Plugin Flaws Expose WordPress Sites


Versions 4.3.4 and earlier of the well-known Simple Membership WordPress plugin feature two new security holes that could result in privilege escalation problems. The plugin created by smp7 and wp.insider is commonly used for personalized membership administration on WordPress websites and has over 50,000 active installations.

Unauthenticated Membership Role Privilege Escalation vulnerability (CVE-2023-41957) and Authenticated Account Takeover vulnerability (CVE-2023-41956) are two issues found by Patchstack security researchers. While with the latter, authenticated users were able to take control of any member account through an unsecure password reset process, the former permitted unauthenticated individuals to register accounts with accounts at any membership level.

Read More…