CVE-2024-35700

9.8 CRITICAL

📋 TL;DR

This vulnerability in the UserPro WordPress plugin allows unauthenticated attackers to escalate privileges and take over user accounts. It affects all UserPro plugin versions up to and including 5.1.8. WordPress sites using this plugin are vulnerable to complete compromise.

💻 Affected Systems

Products:
  • DeluxeThemes UserPro WordPress Plugin
Versions: All versions up to and including 5.1.8
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: All WordPress installations with UserPro plugin enabled are vulnerable regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete site takeover where attackers gain administrative access, modify content, install backdoors, steal sensitive data, and potentially compromise the entire server.

🟠 Likely Case

Attackers gain administrative privileges on vulnerable WordPress sites, allowing them to modify pages, inject malicious code, access user data, and maintain persistent access.

🟢 If Mitigated

With proper network segmentation and least privilege principles, impact could be limited to the WordPress application layer, preventing lateral movement to other systems.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The vulnerability requires no authentication and has publicly available proof-of-concept code, making it trivial to exploit.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.1.9 or later

Vendor Advisory: https://patchstack.com/database/vulnerability/userpro/wordpress-userpro-plugin-5-1-8-unauthenticated-account-takeover-vulnerability

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find the UserPro plugin and click 'Update Now'.
4. Verify the update to version 5.1.9 or higher.

🔧 Temporary Workarounds

Disable UserPro Plugin (applies to: all)

Temporarily disable the vulnerable plugin until patching is possible:

wp plugin deactivate userpro

Restrict Plugin Access (applies to: all)

Use a web application firewall to block access to UserPro plugin endpoints.

🧯 If You Can't Patch

  • Immediately disable the UserPro plugin via WordPress admin or command line
  • Implement strict network access controls to limit exposure of WordPress admin interface

🔍 How to Verify

Check if Vulnerable:

Check the WordPress admin panel → Plugins → UserPro version. If the version is 5.1.8 or lower, you are vulnerable.

Check Version:

wp plugin get userpro --field=version

Verify Fix Applied:

After updating, verify UserPro plugin shows version 5.1.9 or higher in WordPress admin.
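The version check above, scripted as an added example (not part of this advisory): a POSIX sh version comparison that classifies an installed UserPro version against the fixed release 5.1.9, with an optional live check that wraps the same `wp plugin get userpro --field=version` command. It assumes WP-CLI is on PATH and the script is run from the WordPress root; the function names are the example's own.

```shell
#!/bin/sh
# Added example: classify a UserPro version against CVE-2024-35700's fixed release.
FIXED_VERSION="5.1.9"   # first patched release named in the advisory

# vercmp A B: prints -1, 0 or 1 for dotted numeric versions (5.1 == 5.1.0;
# a non-numeric suffix such as "-beta" is ignored on each component).
vercmp() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ai=${a%%.*}; bi=${b%%.*}
        ai=${ai%%[!0-9]*}; bi=${bi%%[!0-9]*}
        [ -z "$ai" ] && ai=0
        [ -z "$bi" ] && bi=0
        if [ "$ai" -lt "$bi" ]; then printf '%s\n' -1; return; fi
        if [ "$ai" -gt "$bi" ]; then printf '%s\n' 1; return; fi
        case "$a" in *.*) a=${a#*.} ;; *) a="" ;; esac
        case "$b" in *.*) b=${b#*.} ;; *) b="" ;; esac
    done
    printf '%s\n' 0
}

# userpro_vulnerable VERSION: true (0) if VERSION is below 5.1.9, i.e. <= 5.1.8;
# returns 2 when no version is known so the caller does not treat it as safe.
userpro_vulnerable() {
    [ -n "$1" ] || return 2
    [ "$(vercmp "$1" "$FIXED_VERSION")" -lt 0 ]
}

# check_site: query the live install via WP-CLI (assumption: wp on PATH, run
# from the WordPress root). Returns 1 if affected, 2 if undetermined.
check_site() {
    v=$(wp plugin get userpro --field=version 2>/dev/null) || {
        echo "UserPro not installed or wp-cli unavailable; cannot determine version"
        return 2
    }
    if userpro_vulnerable "$v"; then
        echo "UserPro $v is affected by CVE-2024-35700; update to $FIXED_VERSION or later"
        return 1
    fi
    echo "UserPro $v is at or above $FIXED_VERSION"
}

# Run the live check only when asked, so the functions can be sourced elsewhere.
case "${1:-}" in --live) check_site ;; esac
```

Invoke with `--live` on the site to run the WP-CLI check; the non-zero exit codes let it slot into a cron job or monitoring hook.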

📡 Detection & Monitoring

Log Indicators:

  • Unusual user privilege changes in WordPress logs
  • Multiple failed login attempts followed by successful admin login from new IP
  • UserPro plugin file modifications

Network Indicators:

  • HTTP POST requests to UserPro-specific endpoints from unauthenticated sources
  • Unusual traffic patterns to /wp-content/plugins/userpro/

SIEM Query:

source="wordpress.log" AND ("userpro" OR "privilege" OR "admin") AND ("escalat*" OR "takeover" OR "unauth*")
