User Registration and Membership WordPress Plugin Cross-Site Request Forgery Vulnerability Allowing Arbitrary Post Deletion

Vulnerability

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the User Registration & Membership WordPress plugin, affecting all versions up to and including 4.4.8. The issue arises from inadequate nonce validation in the 'process_row_actions' function when the 'delete' action is invoked. This allows unauthenticated attackers to delete arbitrary posts via a forged request, provided they can persuade a site administrator to click a link or perform a similar action.
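As an added illustration (not the plugin's own code), the weak row-action pattern the advisory describes next to the hardened form: the delete link carries a nonce bound to the action and post id, and the handler verifies that nonce and the caller's capability before deleting. All function names, the admin page slug and the request parameter names are hypothetical.

```php
<?php
// Added illustrative example, not code from the User Registration & Membership plugin.
// Assumed: a hypothetical admin list-table row-action handler; 'action' and 'post'
// are assumed request parameter names.

// Weak pattern: the handler trusts the request simply because an admin session exists.
function weak_process_row_actions() {
    if ( isset( $_REQUEST['action'] ) && 'delete' === $_REQUEST['action'] ) {
        $post_id = absint( $_REQUEST['post'] );
        wp_delete_post( $post_id, true ); // no nonce check, no capability check
    }
}

// Hardened pattern, part 1: the delete link is generated with a nonce tied to
// the specific action and post id, so a forged link cannot carry a valid one.
function hardened_row_action_link( $post_id ) {
    $url = add_query_arg(
        array( 'action' => 'delete', 'post' => $post_id ),
        admin_url( 'admin.php?page=example-list' ) // hypothetical page slug
    );
    return wp_nonce_url( $url, 'example_delete_post_' . $post_id, '_wpnonce' );
}

// Hardened pattern, part 2: the handler verifies the nonce and the capability.
function hardened_process_row_actions() {
    if ( ! isset( $_REQUEST['action'] ) || 'delete' !== $_REQUEST['action'] ) {
        return;
    }
    $post_id = isset( $_REQUEST['post'] ) ? absint( $_REQUEST['post'] ) : 0;

    // check_admin_referer() stops execution with a "link has expired" screen when
    // the nonce is missing or does not match; this is what defeats a forged request.
    check_admin_referer( 'example_delete_post_' . $post_id, '_wpnonce' );

    // A valid nonce proves intent, not authorisation: still check the capability.
    if ( ! $post_id || ! current_user_can( 'delete_post', $post_id ) ) {
        wp_die(
            esc_html__( 'You are not allowed to delete this item.', 'example' ),
            '',
            array( 'response' => 403 )
        );
    }
    wp_delete_post( $post_id, true );
}
```

When reviewing a plugin for this class of bug, look for every state-changing branch of a row-action or admin-post handler and confirm it reaches a check_admin_referer() or wp_verify_nonce() call plus a current_user_can() check before acting.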

Impact

Exploitation of this vulnerability allows for the unauthorized deletion of posts.

Reproduction

To reproduce this vulnerability, an attacker sends a forged request to a WordPress site running the vulnerable plugin version, with the request carrying the 'delete' action for a specific post. The attacker must also trick an administrator into triggering the forged request, such as through a social engineering tactic or by embedding the request so that the administrator unknowingly initiates it.

Remediation

Users are advised to update the User Registration & Membership plugin to version 4.4.9 or later.

Added: Jan 10, 2026, 9:18 AM
Updated: Jan 10, 2026, 9:18 AM

Vulnerability Rating

Custom Algorithm
spread: 5.2
impact: 0.6
exploitability: 7.6
remediation: 7.7
relevance: 2.0
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.