Description
WordPress Plugin Post Form-Registration Form-Profile Form for User Profiles and Content Forms for User Submissions is prone to a deserialization vulnerability. Attackers can possibly exploit this issue to call files using a PHAR wrapper that will deserialize and call arbitrary PHP Objects that can be used to perform a variety of malicious actions, granted a POP chain is also present. WordPress Plugin Post Form-Registration Form-Profile Form for User Profiles and Content Forms for User Submissions version 2.7.7 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.7.8 or latest
References
https://www.tenable.com/security/research/tra-2023-7
https://plugins.svn.wordpress.org/buddyforms/trunk/readme.txt
Related Vulnerabilities
WordPress Plugin List Pages Shortcode Cross-Site Scripting (1.7.4)
WordPress Plugin AddToAny Share Buttons Cross-Site Scripting (1.7.47)
AbanteCart Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-26521)
WordPress Plugin Postie 'From' Field Cross-Site Scripting (1.4.3)
Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-7951)