This is a summary of the AI-generated 10-question deep analysis.
Q1 What is this vulnerability? (Essence + Consequences)
**Essence**: A critical authentication bypass in the WPCOM Member WordPress plugin. **Consequences**: An unauthenticated attacker can log in as any existing user, including administrators, without that user's credentials. Account integrity on the affected site cannot be relied on.
Q2 Root Cause? (CWE/Flaw)
**CWE-287**: Improper Authentication. **Flaw**: During login the plugin resolves the client-supplied `user_phone` parameter to an account without adequately verifying that the requester actually controls that phone number or account. Input that the attacker chooses is treated as proof of identity.
Q3 Who is affected? (Versions/Components)
**Vendor**: whyun. **Product**: WPCOM Member (WordPress plugin). **Affected**: versions **1.7.5 and earlier**. Any installation running 1.7.5 or lower is exposed.
Q4 What can hackers do? (Privileges/Data)
**Privileges**: Full takeover of the targeted account; if an administrator account is chosen, that means control of the whole site. **Data**: Everything the impersonated account can reach (profile data, posts, settings, and for an admin all site content and configuration). No password is required.
Q5/Q6 Is there a public exploit, and is it being exploited? (PoC/Risk)
**Public PoC?**: No PoC code is provided in the source data. **Risk**: Exploitation in the wild is likely because the flaw is remote, unauthenticated and low-complexity. Treat it as actively exploited.
Q7 How to self-check? (Features/Scanning)
**Check**: Inventory your WordPress installations for the WPCOM Member plugin. **Version**: Confirm whether the installed version is ≤ 1.7.5. **Tool**: A WordPress security scanner, WP-CLI, or the version shown in the admin plugin list or the plugin's file header.
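The version check above is easy to get wrong with a string comparison ("1.7.10" sorts below "1.7.5" as text). The script below, added here as an example and not part of the original analysis or the plugin's own code, reads the plugin header from a WordPress document root and compares the version numerically against the advisory's 1.7.5 cutoff. The plugin path `wp-content/plugins/wpcom-member/wpcom-member.php` and the header sample are assumptions for illustration.

```python
from __future__ import annotations

import re
from pathlib import Path
from typing import Optional, Tuple

# From the advisory: WPCOM Member 1.7.5 and earlier are affected.
LAST_VULNERABLE = "1.7.5"

# Assumption (not stated on the page): the plugin's main file sits at the
# usual WordPress.org-style path and carries a standard plugin header block.
PLUGIN_MAIN_FILE = Path("wp-content/plugins/wpcom-member/wpcom-member.php")

# Constructed sample of a plugin header, for offline testing only.
SAMPLE_HEADER = """<?php
/**
 * Plugin Name: WPCOM Member
 * Version: 1.7.5
 * Author: whyun
 */
"""


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '1.7.10' into (1, 7, 10) so comparisons are numeric.

    A plain string comparison ranks '1.7.10' below '1.7.5'; a tuple of
    integers gets it right. Pre-release suffixes such as '-beta' are ignored.
    """
    return tuple(int(part) for part in re.findall(r"\d+", version))


def is_vulnerable(version: str, last_vulnerable: str = LAST_VULNERABLE) -> bool:
    """True when the installed version is inside the affected range (<= 1.7.5)."""
    return parse_version(version) <= parse_version(last_vulnerable)


def version_from_header(header_text: str) -> Optional[str]:
    """Extract the 'Version:' entry from a WordPress plugin header block."""
    match = re.search(
        r"^\s*\*?\s*Version:\s*(\S+)", header_text, re.MULTILINE | re.IGNORECASE
    )
    return match.group(1) if match else None


def check_install(wp_root: Path) -> dict:
    """Inspect one WordPress document root: plugin present, version, exposed."""
    main_file = wp_root / PLUGIN_MAIN_FILE
    if not main_file.is_file():
        return {"installed": False, "version": None, "vulnerable": False}
    # WordPress itself reads only the first 8 KiB of the file for the header.
    version = version_from_header(main_file.read_text(errors="replace")[:8192])
    return {
        "installed": True,
        "version": version,
        "vulnerable": version is not None and is_vulnerable(version),
    }


if __name__ == "__main__":
    import sys

    root = Path(sys.argv[1]) if len(sys.argv) > 1 else Path(".")
    print(check_install(root))
```

Run it with the WordPress document root as the argument; an `installed` result with `vulnerable: True` means the site needs the update from Q8 before anything else.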
Q8 Is it fixed officially? (Patch/Mitigation)
**Fixed?**: Yes. **Patch**: Changeset 3248208 in the WordPress.org plugin repository. **Action**: Update to the latest release immediately. Wordfence also tracks this vulnerability.
Q9 What if no patch? (Workaround)
**No patch possible?**: Deactivate the plugin entirely until it can be updated. **Mitigation**: Remove WPCOM Member if it is not essential. Otherwise monitor authentication and request logs for login attempts that carry a `user_phone` parameter, especially a single source submitting many different phone numbers.
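The monitoring advice above needs logs that record request parameters; a default web server access log does not include POST bodies, so a WAF, reverse proxy with body logging, or an application-level hook is required. The script below is an added example, not part of the original analysis or of the plugin, and runs over a constructed JSON-lines log in a hypothetical format (the `/login` path and field names are assumptions; only the `user_phone` parameter name comes from the advisory). It lists every phone-based login attempt and flags sources that cycle through several phone numbers, which is what an attacker searching for a high-value account would look like.

```python
import json
from collections import defaultdict
from typing import Dict, List, Set

# Constructed sample log (hypothetical format): one JSON object per request
# with decoded form parameters, as a WAF or proxy with body logging might emit.
# 203.0.113.7 cycles through phone numbers; 192.0.2.9 sends one; the
# remaining lines are ordinary password logins and page views.
SAMPLE_LOG = """\
{"ts":"2025-03-01T10:00:01Z","ip":"203.0.113.7","method":"POST","path":"/login","params":{"user_phone":"13800000001"},"status":302}
{"ts":"2025-03-01T10:00:02Z","ip":"203.0.113.7","method":"POST","path":"/login","params":{"user_phone":"13800000002"},"status":302}
{"ts":"2025-03-01T10:00:03Z","ip":"203.0.113.7","method":"POST","path":"/login","params":{"user_phone":"13800000003"},"status":302}

{"ts":"2025-03-01T10:01:10Z","ip":"192.0.2.9","method":"POST","path":"/login","params":{"user_phone":"13900000001"},"status":302}
{"ts":"2025-03-01T10:05:00Z","ip":"198.51.100.4","method":"POST","path":"/wp-login.php","params":{"log":"alice","pwd":"[redacted]"},"status":302}
{"ts":"2025-03-01T10:06:00Z","ip":"198.51.100.4","method":"GET","path":"/wp-admin/","params":{},"status":200}
"""


def parse_log(text: str) -> List[dict]:
    """Parse JSON lines, skipping blank or malformed entries instead of aborting."""
    entries: List[dict] = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            entries.append(json.loads(line))
        except json.JSONDecodeError:
            continue
    return entries


def phone_login_events(entries: List[dict]) -> List[dict]:
    """Every request carrying a user_phone parameter, whatever the endpoint."""
    return [e for e in entries if "user_phone" in (e.get("params") or {})]


def enumeration_sources(entries: List[dict], threshold: int = 3) -> Set[str]:
    """Source IPs that submitted at least `threshold` distinct phone numbers."""
    phones_by_ip: Dict[str, Set[str]] = defaultdict(set)
    for e in phone_login_events(entries):
        phones_by_ip[e["ip"]].add(str(e["params"]["user_phone"]))
    return {ip for ip, phones in phones_by_ip.items() if len(phones) >= threshold}


def report(text: str, threshold: int = 3) -> dict:
    """Summary a responder can act on: attempts, sources, and likely enumeration."""
    entries = parse_log(text)
    events = phone_login_events(entries)
    return {
        "phone_login_attempts": len(events),
        "sources": sorted({e["ip"] for e in events}),
        "enumeration_sources": sorted(enumeration_sources(entries, threshold)),
    }


if __name__ == "__main__":
    print(json.dumps(report(SAMPLE_LOG), indent=2))
```

A single phone-based login that is immediately followed by administrative activity from the same source is also worth an alert even below the enumeration threshold, since on a vulnerable version every such login may be an impersonation.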
Q10 Is it urgent? (Priority Suggestion)
**Priority**: CRITICAL (CVSS 9.8). **Urgency**: Patch now. This is a remote, unauthenticated account takeover; do not wait. Update or deactivate the plugin to protect your users' accounts.