Skip to main content

Bricksforge CVE-2026-14956

| EUVDEUVD-2026-45123 CRITICAL
Improper Privilege Management (CWE-269)
2026-07-17 Wordfence
9.8
CVSS 3.1 · NVD
Share

Severity by source

Vendor (Wordfence) PRIMARY
CRITICAL
qualitative
NVD
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vuln.today AI
9.8 CRITICAL

Remote, unauthenticated, single-request administrator creation with no user interaction yields AV:N/AC:L/PR:N/UI:N and full C/I/A impact; the public-form prerequisite is a config precondition, not attack complexity.

3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (Wordfence).

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Jul 17, 2026 - 02:00 vuln.today
CVE Published
Jul 17, 2026 - 01:30 cve.org
CRITICAL 9.8

DescriptionNVD

The Bricksforge plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.1.8.6. This is due to improper validation of the fieldIds parameter in the Pro Forms registration action, which allows attacker-supplied field IDs to be added to the trusted form-field whitelist. This makes it possible for unauthenticated attackers to register a new administrator account by submitting a crafted request to a publicly accessible Bricksforge Pro Forms registration form. Successful exploitation requires that the site has a public Bricksforge Pro Forms element configured with the User Registration action.

AnalysisAI

Unauthenticated privilege escalation in the Bricksforge WordPress plugin (versions ≤ 3.1.8.6) lets remote attackers create a new administrator account by abusing the Pro Forms User Registration action. The plugin fails to validate the fieldIds parameter, so attacker-supplied field IDs are injected into the trusted form-field whitelist, enabling mass-assignment of a privileged role. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Identify public Bricksforge Pro Forms registration form
Delivery
Craft request injecting role field into fieldIds
Exploit
Submit to registration action endpoint
Execution
Bypass field whitelist validation
Persist
Register new administrator account
Impact
Full WordPress site takeover

Vulnerability AssessmentAI

Exploitation Exploitation requires that the target site has a publicly accessible Bricksforge Pro Forms element configured with the User Registration action - this specific feature/configuration is the mandatory precondition and sites without such a form are not exploitable despite running a vulnerable version. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment This is a genuine high priority, not an inflated CVSS. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker locates a WordPress site running Bricksforge with a public Pro Forms registration form, then submits a crafted registration request that adds a role/capabilities field ID to the fieldIds parameter and sets its value to administrator. The server accepts the manipulated whitelist and provisions a new administrator account, giving the unauthenticated attacker full control of the site. …
Remediation Upgrade Bricksforge to a fixed release above 3.1.8.6 as published in the vendor changelog (https://bricksforge.io/version-changelog/); the input does not specify an exact patched version number, so treat this as 'Patch available per vendor advisory' and confirm the fixed build against the changelog before deploying. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all WordPress installations running Bricksforge version 3.1.8.6 or earlier and immediately disable the Pro Forms User Registration feature or deactivate the entire plugin. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-14956 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy