CVE-2024-10800

Name of the Vulnerable Software and Affected Versions WordPress User Extra Fields plugin versions up to, and including, 16.6

Description The WordPress User Extra Fields plugin is vulnerable to privilege escalation due to a missing capability check on the ajax save fields() function. This allows authenticated attackers, with subscriber-level access and above, to add custom fields that can be updated and then use the check and overwrite wp or woocommerce fields function to update the wp capabilities field to have administrator privileges.

Recommendations For WordPress User Extra Fields plugin versions up to, and including, 16.6, update to a version higher than 16.6 to resolve the issue. As a temporary workaround, consider disabling the ajax save fields() function until a patch is available. Restrict access to the check and overwrite wp or woocommerce fields function to minimize the risk of exploitation. Avoid using the wp capabilities field in the affected plugin until the issue is resolved.