Simple Payment WordPress Plugin Authentication Bypass Vulnerability
Vulnerability
A vulnerability allowing authentication bypass has been identified in the Simple Payment plugin for WordPress, affecting versions 1.3.6 prior to 2.3.8. The issue arises because the plugin fails to properly verify user identity before logging users in via the create_user() function. This flaw enables unauthenticated attackers to gain administrative access.
Impact
Exploitation of this vulnerability allows unauthenticated users to log in as administrators, potentially leading to unauthorized changes or actions within the WordPress site.
Reproduction
To reproduce this vulnerability, an unauthenticated user can send a request that bypasses the authentication checks, such as through a crafted form or API call that exploits the lack of proper user verification. Once the request is processed, the user will be logged in as an administrator.
Remediation
Users are advised to update the Simple Payment plugin to version 2.3.9 or later, where this vulnerability has been patched.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.