CVE-2023-2297 — CRITICAL (9.8)

Q: How severe is CVE-2023-2297?

CVE-2023-2297 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2023-2297?

Check the references section above for vendor advisories and patch information. Affected products include: Cozmoslabs Profile Builder.

Vulnerability Description

The Profile Builder – User Profile & User Registration Forms plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 3.9.0. This is due to the plugin using native password reset functionality, with insufficient validation on the password reset function (wppb_front_end_password_recovery). The function uses the plaintext value of a password reset key instead of a hashed value which means it can easily be retrieved and subsequently used. An attacker can leverage CVE-2023-0814, or another vulnerability like SQL Injection in another plugin or theme installed on the site to successfully exploit this vulnerability.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Cozmoslabs	Profile Builder	<= 3.9.0

Related Weaknesses (CWE)

CWE-287 CWE-620

References

https://lana.codes/lanavdb/512e7307-04a5-4d8b-8f79-f75f37784a9f/ExploitThird Party Advisory
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&oldPatch
https://www.wordfence.com/blog/2023/03/vulnerability-patched-in-cozmolabs-profilExploitThird Party Advisory
https://www.wordfence.com/threat-intel/vulnerabilities/id/e731292a-4f95-46eb-889PatchThird Party Advisory
https://lana.codes/lanavdb/512e7307-04a5-4d8b-8f79-f75f37784a9f/ExploitThird Party Advisory
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&oldPatch
https://www.wordfence.com/blog/2023/03/vulnerability-patched-in-cozmolabs-profilExploitThird Party Advisory
https://www.wordfence.com/threat-intel/vulnerabilities/id/e731292a-4f95-46eb-889PatchThird Party Advisory

FAQ

What is CVE-2023-2297?

CVE-2023-2297 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The Profile Builder – User Profile & User Registration Forms plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 3.9.0. This is due to the plugin using...

How severe is CVE-2023-2297?

CVE-2023-2297 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2023-2297?

Check the references section above for vendor advisories and patch information. Affected products include: Cozmoslabs Profile Builder.