Description

WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous wp_users.user_activation_key values as hashes), which might make it easier for remote attackers to hijack unactivated user accounts by leveraging database read access (such as access gained through an unspecified SQL injection vulnerability).

Remediation

References

CVE-2017-14990

Related Vulnerabilities

WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Security Bypass (2.1.2)

phpBB Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-1627)

WordPress Plugin Newsletter Subscription Form Possible Remote Code Execution (1.1.2)

WordPress Plugin GamePress-The Game Database Cross-Site Scripting (1.1.0)

Jenkins Protection Mechanism Failure Vulnerability (CVE-2021-21690)

Severity

Medium

Classification

CVE-2017-14990 CWE-312 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities