EUVD-2026-17365

| CVE-2026-3139 MEDIUM
2026-03-31 Wordfence
4.3
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
None

Lifecycle Timeline

3
Analysis Generated
Mar 31, 2026 - 11:45 vuln.today
EUVD ID Assigned
Mar 31, 2026 - 11:45 euvd
EUVD-2026-17365
CVE Published
Mar 31, 2026 - 11:18 nvd
MEDIUM 4.3

Tags

WordPress Authentication Bypass

Description

The User Profile Builder - Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 3.15.5 via the wppb_save_avatar_value() function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with subscriber-level access and above, to reassign ownership of arbitrary posts and attachments by changing 'post_author'.

Analysis

User Profile Builder plugin for WordPress up to version 3.15.5 allows authenticated subscribers and above to reassign ownership of arbitrary posts and attachments through insecure direct object reference (IDOR) in the wppb_save_avatar_value() function. The vulnerability lacks validation on user-controlled keys, enabling privilege escalation where low-privileged users can modify post_author fields to take control of content created by other users. …

Sign in for full analysis, threat intelligence, and remediation guidance.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Priority Score

22
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +22
POC: 0

Share

EUVD-2026-17365 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy