CVE-2021-34621

Published: 07/07/2021 Updated: 26/05/2023
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

A vulnerability in the user registration component found in the ~/src/Classes/RegistrationAuth.php file of the ProfilePress WordPress plugin made it possible for users to register on sites as an administrator. This issue affects versions 3.0.0 - 3.1.3.

Vulnerable Product

properfraction profilepress

Exploits

WordPress ProfilePress plugin version 3.1.3 suffers from a privilege escalation vulnerability ...

Github Repositories

I add my exploits here.

Exploits: I add my exploits here. CVE-2021-34621: A vulnerability in the user registration component found in the ~/src/Classes/RegistrationAuth.php file of the ProfilePress WordPress plugin made it possible for users to register on sites as an administrator. This issue affects versions 3.0.0 - 3.1.3. Usage: ./CVE-2021-34621.sh {URL}

ProfilePress 3.0 - 3.1.3 - Unauthenticated Privilege Escalation

CVE-2021-34621: ProfilePress 3.0 - 3.1.3 - Unauthenticated Privilege Escalation. Description: The user registration functionality of the plugin allowed arbitrary user meta to be supplied, including wp_capabilities, during registration, which made it possible for users to register as an administrator. POC: <?php // Settings $wp_url = $argv[1]; // Update Settings $ch = curl_i

A PoC exploit for CVE-2021-34621 - WordPress Privilege Escalation

CVE-2021-34621 - WordPress Privilege Escalation. A critical vulnerability has been identified in the user registration component of the ProfilePress WordPress plugin. This security flaw, assigned CVE-2021-34621, allows unauthorized users to register on websites with administrator privileges, potentially leading to a complete compromise of the site's security. Vulnerable Com