PT-2023-18803 · WordPress · The Profile Builder – User Profile & User Registration Forms

István Márton +1 · Published 2023-04-26 · Updated 2023-05-08 · CVE-2023-2297

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions
The Profile Builder – User Profile & User Registration Forms plugin for WordPress versions up to, and including 3.9.0

Description
The issue arises from the plugin's use of native password reset functionality with insufficient validation on the wppb front end password recovery function. This function utilizes the plaintext value of a password reset key instead of a hashed value, making it easily retrievable and exploitable. An attacker can exploit this by leveraging another vulnerability, such as SQL Injection in another plugin or theme installed on the site.

Recommendations
For The Profile Builder – User Profile & User Registration Forms plugin for WordPress versions up to, and including 3.9.0, update to a version higher than 3.9.0 to resolve the issue. As a temporary workaround, consider restricting access to the password reset functionality until a patch is available.
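
The storage pattern the description says was missing, as an added PHP sketch (not the plugin's or WordPress core's code): only a hash of the reset key is stored, so a value read out of the database cannot be submitted as the key. The `$db` array, the function names, the one-hour lifetime and the use of SHA-256 in place of WordPress's own password hasher are assumptions made for illustration.

```php
<?php
// Added sketch: $db stands in for the users table; all names are hypothetical.

const RESET_TTL = 3600; // seconds a reset key stays valid (assumed policy)

// Issue a reset key. The plaintext goes only into the e-mailed link;
// the table keeps "<issued-at>:<sha256 of key>".
function issue_reset_key(array &$db, string $login, int $now): string
{
    $key = bin2hex(random_bytes(20)); // 160 bits from the CSPRNG
    $db[$login]['user_activation_key'] = $now . ':' . hash('sha256', $key);
    return $key;
}

// Verify a submitted key against the stored hash, then invalidate it.
function check_reset_key(array &$db, string $login, string $submitted, int $now): bool
{
    $stored = $db[$login]['user_activation_key'] ?? '';
    if ($stored === '' || $submitted === '' || strpos($stored, ':') === false) {
        return false; // no pending reset, empty key, or malformed record
    }
    [$issued, $hash] = explode(':', $stored, 2);
    if (!ctype_digit($issued) || $now - (int) $issued > RESET_TTL) {
        return false; // malformed timestamp or expired key
    }
    if (!hash_equals($hash, hash('sha256', $submitted))) {
        return false; // hashes differ (constant-time comparison)
    }
    $db[$login]['user_activation_key'] = ''; // single use
    return true;
}

// Constructed walk-through with a fixed clock.
$db     = ['alice' => ['user_activation_key' => '']];
$now    = 1700000000;
$key    = issue_reset_key($db, 'alice', $now);
$stored = $db['alice']['user_activation_key']; // what a database read exposes

var_dump(check_reset_key($db, 'alice', $stored, $now + 60));                  // stored value replayed as the key
var_dump(check_reset_key($db, 'alice', explode(':', $stored)[1], $now + 60)); // stored hash replayed as the key
var_dump(check_reset_key($db, 'alice', $key, $now + 7200));                   // genuine key after expiry
var_dump(check_reset_key($db, 'alice', $key, $now + 60));                     // genuine key in time
var_dump(check_reset_key($db, 'alice', $key, $now + 61));                     // same key a second time
```

Only the fourth call succeeds: the stored record and its hash are rejected, as are the expired key and the reused key.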

Exploit

Fix

Improper Authentication

Weakness Enumeration

Related Identifiers: CVE-2023-2297

Affected Products: The Profile Builder – User Profile & User Registration Forms