Impact
The User Admin Simplifier plugin contains a missing or incorrect nonce validation in its options page logic. This flaw allows an unauthenticated attacker to submit a forged request, triggering the uas_save_admin_options() routine and overwriting the stored menu and admin‑bar configuration for any user. The vulnerability is a classic Cross‑Site Request Forgery, categorized under CWE‑352, and enables attackers to reset and permanently delete the targeted user's interface settings.
Affected Systems
The flaw exists in all releases of the WordPress plugin User Admin Simplifier up through version 3.0.0. Users running any of these versions are vulnerable until the plugin is updated to a version that addresses the CSRF issue.
Risk and Exploitability
The CVSS score for this vulnerability is 4.3, indicating a medium impact. The EPSS score is currently unavailable, and the flaw is not listed in the CISA KEV catalog. Exploitation requires the attacker to trick a site administrator into visiting a crafted link or embedding the forged request, after which the administrator’s session will be used to reset or delete their configuration. Because the attack can be performed without auth and the effect is limited to configuration settings, the overall risk remains moderate but should still be addressed promptly.
OpenCVE Enrichment