WordPress WP Register Profile With Shortcode 敏感数据暴露漏洞
漏洞信息
漏洞名称: WordPress WP Register Profile With Shortcode 敏感数据暴露漏洞
漏洞编号:
- CVE: CVE-2025-4593
漏洞类型: 信息泄露
漏洞等级: 中危
漏洞描述: ### 受影响产品
WordPress是全球最流行的内容管理系统之一,广泛应用于个人博客、企业网站等多种场景。WP Register Profile With Shortcode是WordPress的一个插件,用于通过短码注册用户配置文件。该插件因其便捷性而被广泛使用。
漏洞说明
此漏洞属于敏感信息暴露类型,存在于wp-register-profile-with-shortcode插件中,具体问题出在includes/shortcode.php文件的访问控制不当。攻击者可以通过认证后利用[rp_user_data]短码,访问到本不应公开的敏感数据。漏洞的根本原因在于插件未能正确实施访问控制,导致任何认证用户(如贡献者角色)都能访问敏感信息。
影响分析
此漏洞允许攻击者在认证后获取敏感数据,可能导致用户隐私泄露、数据滥用等安全问题。虽然需要认证才能利用此漏洞,但考虑到WordPress网站的广泛性,以及贡献者角色的普遍存在,这一漏洞的影响范围仍然较大。攻击者可以利用此漏洞自动化收集敏感信息,对网站安全构成威胁。建议立即更新插件至3.6.3或更高版本,并实施最小权限原则,以减少潜在风险。
产品厂商: WordPress
产品名称: WP Register Profile With Shortcode
影响版本: ≤ 3.6.2
来源: https://github.com/karenucqki/CVE-2025-4593
类型: CVE-2025:github search
仓库文件
- README.md
来源概述
CVE-2025-4593 WP Register Profile Sensitive Data Exposure PoC Exploit
Authenticated Information Disclosure exploit for WordPress sites using vulnerable WP Register Profile With Shortcode plugin.
Affected Shortcode:
[rp_user_data]
🧠 CVE Details
- CVE: CVE-2025-4593
- CVSS: 6.5 (Medium)
- Type: Sensitive Information Exposure
- Component:
wp-register-profile-with-shortcodeplugin - Vulnerable Versions: ≤ 3.6.2
- Root Cause: Improper access control in
includes/shortcode.php
🔧 Usage
1 | |
Options:
| Flag | Description |
|---|---|
-u |
Target WordPress URL |
-c |
Contributor username |
-p |
Account password |
--meta |
Specific metadata to dump (default: all) |
--output |
Export format: json, csv, or txt |
🛡️ Mitigation
- Immediately update to plugin version ≥ 3.6.3
- Add firewall rule blocking access to
wp-content/plugins/wp-register-profile-with-shortcode/ - Apply principle of least privilege:
add_filter('rp_user_data_access', function() { return current_user_can('manage_options'); }); - Audit user accounts with Contributor+ roles
📜 Disclaimer
This tool is intended for authorized security assessments only. Unauthorized use violates computer fraud laws. Always obtain explicit permission before testing.