Profiler WordPress Plugin Missing Authentication Vulnerability Allows Unauthenticated Plugin Reactivation

Vulnerability

A vulnerability exists in the Profiler – What Slowing Down Your WP plugin for WordPress, in all versions through 1.0.0. The issue arises from a lack of proper capability checks in the wpsd_plugin_control() function, allowing unauthenticated attackers to reactivate deactivated plugins by accessing the 'Profiler' page.

Impact

Exploitation of this vulnerability allows for unauthorized reactivation of deactivated WordPress plugins, which could lead to other vulnerabilities being introduced or exploited.

Reproduction

To reproduce this vulnerability, access the 'Profiler' page while logged out or without authentication. Once on the page, send a request that reaches the wpsd_plugin_control() function with the appropriate parameters to reactivate a previously deactivated plugin. The plugin to reactivate is specified by name in the request.

Remediation

No known patch is available. It is recommended to review the vulnerability details and consider uninstalling the affected plugin.
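
For plugin developers, the checks that the Vulnerability section reports as missing look like the following in a handler that activates plugins. This is an added example, not the Profiler plugin's code (which is not reproduced on this page); the function name, nonce action and request parameter names are hypothetical.

```php
<?php
// Added example: hypothetical handler, not code from the Profiler plugin.
// 'example_plugin_control', the nonce action and the 'plugin' / '_wpnonce'
// request parameters are illustrative names.

require_once ABSPATH . 'wp-admin/includes/plugin.php'; // activate_plugin(), validate_plugin()

function example_plugin_control() {
    // 1. Authorization. The check lives inside the function so that every
    //    hook or page that reaches it is covered. Logged-out visitors have
    //    no capabilities, so they stop here.
    if ( ! current_user_can( 'activate_plugins' ) ) {
        wp_die( 'You are not allowed to activate plugins.', '', array( 'response' => 403 ) );
    }

    // 2. CSRF. A valid session is not enough; the request must carry a
    //    nonce issued for this specific action.
    $nonce = isset( $_POST['_wpnonce'] ) ? sanitize_text_field( wp_unslash( $_POST['_wpnonce'] ) ) : '';
    if ( ! wp_verify_nonce( $nonce, 'example_plugin_control' ) ) {
        wp_die( 'Invalid or expired request.', '', array( 'response' => 403 ) );
    }

    // 3. Input validation. Accept only the basename of a plugin that is
    //    actually installed (for example "akismet/akismet.php").
    $plugin = isset( $_POST['plugin'] ) ? sanitize_text_field( wp_unslash( $_POST['plugin'] ) ) : '';
    if ( '' === $plugin || is_wp_error( validate_plugin( $plugin ) ) ) {
        wp_die( 'Unknown plugin.', '', array( 'response' => 400 ) );
    }

    // 4. Only now perform the state change, and surface any failure.
    $result = activate_plugin( $plugin );
    if ( is_wp_error( $result ) ) {
        wp_die( esc_html( $result->get_error_message() ), '', array( 'response' => 500 ) );
    }
}
```

The form or script that calls such a handler would obtain the nonce with wp_create_nonce( 'example_plugin_control' ) while rendering the page for an authorized user.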

Added: Jun 7, 2025, 5:17 AM
Updated: Jun 7, 2025, 5:17 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 8.4
remediation: 0.0
relevance: 0.2
threat: 4.8
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.