CVE-2023-2440

8.8 HIGH

📋 TL;DR

The UserPro WordPress plugin, up to and including version 5.1.1, contains a Cross-Site Request Forgery (CSRF) vulnerability: an unauthenticated attacker can trick a logged-in administrator into submitting a forged request that performs a privilege-elevating action. Through such forged requests the attacker can change a verified user's role to gain administrator access. Any WordPress site running a vulnerable UserPro version is affected.

💻 Affected Systems

Products:
  • UserPro WordPress Plugin
Versions: Up to and including 5.1.1
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress installation with UserPro plugin enabled. The vulnerability exists in default configurations.

📦 What is this software?

UserPro is a commercial WordPress plugin sold on CodeCanyon that provides front-end user profiles and social login (see the vendor link below).

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers gain full administrative control of the WordPress site, allowing them to modify content, install malware, steal data, or take over the entire site.

🟠 Likely Case

Attackers create administrator accounts for themselves or compromise existing user accounts to gain elevated privileges for further attacks.

🟢 If Mitigated

With proper CSRF protections and user awareness, exploitation attempts fail or are detected before damage occurs.

🌐 Internet-Facing: HIGH
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires social engineering to trick an administrator into clicking a malicious link. The technical complexity of the CSRF attack itself is low.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.1.2 or later

Vendor Advisory: https://codecanyon.net/item/userpro-user-profiles-with-social-login/5958681

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find the UserPro plugin.
4. Click 'Update Now' if available.
5. Alternatively, download the latest version from CodeCanyon and update manually.

🔧 Temporary Workarounds

Temporary Plugin Deactivation (applies to: all)

Deactivate the UserPro plugin until it is patched, to prevent exploitation.

CSRF Protection via Security Plugin (applies to: all)

Install a WordPress security plugin with CSRF protection features.

🧯 If You Can't Patch

  • Implement strict user role management and monitor for unauthorized privilege changes
  • Educate administrators about phishing risks and implement click-through warnings for admin actions

🔍 How to Verify

Check if Vulnerable:

In the WordPress admin panel, open Plugins > Installed Plugins and read the UserPro version. If it is 5.1.1 or lower, the site is vulnerable.

Check Version:

wp plugin list --name=userpro --field=version

Verify Fix Applied:

After updating, verify UserPro plugin version is 5.1.2 or higher in WordPress admin panel.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected user role changes in WordPress logs
  • Admin actions from unusual IP addresses or user agents

Network Indicators:

  • HTTP POST requests to /wp-admin/admin-ajax.php with userpro-related actions from non-admin users

SIEM Query:

source="wordpress" AND (event="user_role_change" OR action="userpro_*")
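The two indicators above (userpro-related POSTs to admin-ajax.php and unexpected role changes) can be checked offline against exported logs. The following is an added example, not code from the advisory or from the UserPro project. It assumes the site's hostname is example.com, uses constructed access-log lines in combined log format where the AJAX action appears in the query string, and uses a constructed audit-log format; the action name userpro_update_profile is a placeholder matching the advisory's userpro_* pattern, not a documented plugin action. Because a forged request is issued by the victim's browser from a page the attacker controls, the Referer header, when present, points at a host other than the site itself, which is the property the access-log check keys on.

```python
"""Offline detection over constructed WordPress logs for CVE-2023-2440-style
CSRF abuse: (1) POSTs to admin-ajax.php with a userpro_* action whose Referer
is missing or off-site, and (2) audit events that grant a privileged role."""
import re
from urllib.parse import parse_qs, urlparse

SITE_HOST = "example.com"  # assumed hostname of the protected WordPress site

# Constructed sample lines (combined log format). The action is in the query
# string here; if your site only sees it in the POST body, apply the same
# logic to whatever request log records the body fields.
ACCESS_LOG = """\
203.0.113.5 - - [10/May/2023:13:01:22 +0000] "POST /wp-admin/admin-ajax.php?action=userpro_update_profile HTTP/1.1" 200 512 "https://example.com/wp-admin/users.php" "Mozilla/5.0"
203.0.113.5 - - [10/May/2023:13:04:10 +0000] "POST /wp-admin/admin-ajax.php?action=userpro_update_profile HTTP/1.1" 200 512 "https://attacker.invalid/page.html" "Mozilla/5.0"
198.51.100.7 - - [10/May/2023:13:05:41 +0000] "POST /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 40 "https://example.com/wp-admin/" "Mozilla/5.0"
203.0.113.9 - - [10/May/2023:13:06:02 +0000] "POST /wp-admin/admin-ajax.php?action=userpro_update_profile HTTP/1.1" 200 512 "-" "curl/8.0"
"""

# Constructed audit-log lines (format is an assumption; activity-log plugins
# differ). Fields: time, actor, event, target user, old role, new role.
AUDIT_LOG = """\
2023-05-10T13:01:23Z admin user_role_change alice subscriber editor
2023-05-10T13:04:11Z admin user_role_change mallory subscriber administrator
2023-05-10T13:09:00Z admin user_role_change bob subscriber subscriber
"""

COMBINED_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)


def suspicious_ajax_requests(log_text, site_host=SITE_HOST):
    """Return (ip, action, referer) for POSTs to admin-ajax.php carrying a
    userpro_* action whose Referer is absent ("-") or not from site_host."""
    hits = []
    for line in log_text.splitlines():
        m = COMBINED_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        url = urlparse(m["path"])
        if not url.path.endswith("/wp-admin/admin-ajax.php"):
            continue
        action = parse_qs(url.query).get("action", [""])[0]
        if not action.startswith("userpro_"):
            continue
        referer = m["referer"]
        ref_host = urlparse(referer).hostname if referer != "-" else None
        if ref_host != site_host:
            hits.append((m["ip"], action, referer))
    return hits


def privilege_escalations(audit_text, privileged=("administrator",)):
    """Return (target, old_role, new_role) for role changes that grant a
    privileged role the target did not already hold."""
    findings = []
    for line in audit_text.splitlines():
        parts = line.split()
        if len(parts) != 6 or parts[2] != "user_role_change":
            continue
        target, old, new = parts[3], parts[4], parts[5]
        if new in privileged and old != new:
            findings.append((target, old, new))
    return findings


if __name__ == "__main__":
    for ip, action, ref in suspicious_ajax_requests(ACCESS_LOG):
        print(f"suspicious userpro request from {ip}: action={action} referer={ref}")
    for target, old, new in privilege_escalations(AUDIT_LOG):
        print(f"privilege escalation: {target} {old} -> {new}")
```

Run it as a script to list the flagged access-log lines and role changes. An absent Referer is also produced by legitimate browsers with strict referrer policies, so treat that branch as a lower-confidence signal and correlate it with a role change in the same time window, as the sample data does, before paging anyone.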
