A command-line tool to detect CVE-2026-3629, a critical privilege escalation vulnerability in the "Import and export users and customers" WordPress plugin.
Stay updated with the latest security tools, vulnerabilities, and hacking techniques!
- ✅ Latest CVE updates
- ✅ New security tools
- ✅ Hacking tutorials
- ✅ Bug bounty tips
- ✅ Community support
👉 Channel: @PySecTools
| Attribute | Value |
|---|---|
| CVE ID | CVE-2026-3629 |
| CVSS Score | 8.1 (High) |
| Attack Vector | Network |
| Privileges Required | None |
| CWE | CWE-269 (Improper Privilege Management) |
Description: The plugin's `save_extra_user_profile_fields` function fails to restrict which user meta keys an import may set. The `wp_capabilities` key is not blocked, so an unauthenticated attacker can obtain Administrator privileges.
Affected Versions: ≤ 1.29.7 (fixed in 1.29.8 and later)
Exploitation Prerequisites (BOTH required):
- "Show fields in profile" setting enabled
- CSV with a `wp_capabilities` column imported
Impact: Full admin access, site takeover, malicious plugin installation.
Discoverer: Supanat Konprom | Disclosed: March 21, 2026
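The root cause above is an importer that writes every CSV column straight into user meta, with no filter for keys that define a user's role. The following is an added example, not the plugin's or the checker's code: it shows that unfiltered pattern next to a hardened importer that drops protected keys (derived from the table prefix, since WordPress stores them as `<prefix>capabilities` and `<prefix>user_level`) and reports what it removed. The CSV rows, the `city` profile field and the function names are constructed for the example.

```python
import csv
import io

# Added example, not the plugin's code: the advisory says the importer did
# not block the capabilities meta key, so a CSV column could assign a role.
# The hardened importer below drops such keys before they reach user meta.

def protected_meta_keys(table_prefix="wp_"):
    """Meta keys that define a user's role and level. WordPress derives them
    from the database table prefix ($wpdb->prefix), so a site with a
    non-default prefix stores them as e.g. 'xyz_capabilities'."""
    return frozenset({f"{table_prefix}capabilities",
                      f"{table_prefix}user_level"})

def is_protected_meta_key(key, table_prefix="wp_"):
    """Case-insensitive check of a column name against the protected keys."""
    return key.strip().lower() in protected_meta_keys(table_prefix)

def import_rows_unfiltered(csv_text):
    """Vulnerable pattern (shown for contrast): every CSV column becomes a
    user meta key, including the capabilities key."""
    return [dict(row) for row in csv.DictReader(io.StringIO(csv_text))]

def import_rows_filtered(csv_text, table_prefix="wp_"):
    """Hardened pattern: protected keys are removed from every row, and the
    names that were dropped are returned so the operator can see them."""
    users, dropped = [], set()
    for row in csv.DictReader(io.StringIO(csv_text)):
        clean = {}
        for key, value in row.items():
            if key is None:
                continue  # extra unnamed columns: ignore rather than store
            if is_protected_meta_key(key, table_prefix):
                dropped.add(key)
                continue
            clean[key] = value
        users.append(clean)
    return users, sorted(dropped)

# Constructed sample import: a profile field plus a capabilities column.
# The quoted value is the serialized format WordPress uses for this key.
SAMPLE_CSV = (
    "user_login,user_email,wp_capabilities,city\n"
    'alice,alice@example.com,"a:1:{s:13:""administrator"";b:1;}",Lisbon\n'
    'bob,bob@example.com,"a:1:{s:10:""subscriber"";b:1;}",Porto\n'
)

if __name__ == "__main__":
    users, dropped = import_rows_filtered(SAMPLE_CSV)
    print("dropped columns:", dropped)
    for user in users:
        print(user)
```

The filter is keyed on the table prefix rather than the literal string `wp_capabilities` because a site that changed its prefix stores the role under a different key; a blocklist of one hard-coded name would miss it.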
Features:
- Single target scanning
- Default values for username, email & timeout
- False-positive detection
- Colored output & error handling
Installation:
```
git clone https://github.com/PySecTools/CVE-2026-3629-Checker.git
cd CVE-2026-3629-Checker
pip install requests colorama
```
Usage:
```
python3 cve_2026_3629_checker.py <URL> [OPTIONS]
```
| Command | Description |
|---|---|
| `python3 cve_2026_3629_checker.py http://example.com` | Run with default settings |
| `python3 cve_2026_3629_checker.py http://example.com -u hacker -e hack@mail.com` | Custom username & email |
| `python3 cve_2026_3629_checker.py http://example.com -t 15` | Set timeout to 15 seconds |
| `python3 cve_2026_3629_checker.py https://target.com -u admin -e a@a.com -t 20` | Full options |
| Argument | Default | Description |
|---|---|---|
| `url` | Required | Target WordPress URL |
| `-u, --username` | `test_username` | Test username |
| `-e, --email` | `test_username@example.com` | Test email |
| `-t, --timeout` | `30` | Timeout in seconds |
Example output (vulnerable target):
```
╔══════════════════════════════════════════════════════╗
║ WordPress Privilege Escalation Checker               ║
║ Single Target Mode                                   ║
╚══════════════════════════════════════════════════════╝
════════════════════════════════════════
Target: http://vulnerable-site.com
════════════════════════════════════════
[✓] VULNERABLE! User 'test_username' created successfully!
[+] URL: http://vulnerable-site.com
════════════════════════════════════════
[✓] RESULT: VULNERABLE ✓
════════════════════════════════════════
```
Example output (safe target):
```
[✗] SAFE (Registration is blocked/disabled)
════════════════════════════════════════
[✗] RESULT: NOT VULNERABLE ✗
════════════════════════════════════════
```
Mitigation:
- Update plugin to version 1.29.8 or higher
- Disable "Show fields in profile" setting
- Audit existing admin users for unauthorized accounts
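The last mitigation step is a review of who holds the administrator role. As an added example (not part of the checker), the block below parses the serialized PHP array WordPress stores under the capabilities meta key, keeps only roles whose flag is `b:1`, and lists administrators that are not on an operator-supplied known list, optionally limited to accounts registered after a given time. The sample rows, the `known_admins` set and the function names are constructed for the example; on a live site the same rows can be pulled with `wp user list --role=administrator --fields=user_login,user_registered`.

```python
import re

# Added example, not the checker's code. It reviews capabilities values
# (serialized PHP arrays, e.g. a:1:{s:13:"administrator";b:1;}) and lists
# administrator accounts that are not on an operator-supplied known list.

# Each role appears as s:<len>:"<name>";b:<0|1>; inside the array. A role
# with b:0 is stored but disabled, so only b:1 entries count as granted.
_ROLE_RE = re.compile(r's:\d+:"([^"]*)";b:([01]);')

def parse_roles(serialized):
    """Return the set of enabled role names in a serialized capabilities value."""
    return {name for name, flag in _ROLE_RE.findall(serialized) if flag == "1"}

def find_unexpected_admins(rows, known_admins, since=None):
    """rows: (user_login, user_registered, capabilities_value) tuples, as
    exported from a join of wp_users and wp_usermeta. Returns logins that
    hold the administrator role and are not in known_admins. With `since`
    (a 'YYYY-MM-DD HH:MM:SS' string, the format wp_users stores), only
    accounts registered at or after that time are reported, which narrows a
    review to the window in which the vulnerable version was installed."""
    unexpected = []
    for login, registered, caps in rows:
        if "administrator" not in parse_roles(caps):
            continue
        if login in known_admins:
            continue
        # ISO-style timestamps sort chronologically as plain strings.
        if since is not None and registered < since:
            continue
        unexpected.append(login)
    return unexpected

# Constructed sample rows. The third resembles the account the checker's
# default username creates on a vulnerable site; the fourth holds a
# disabled administrator entry and must not be reported.
SAMPLE_ROWS = [
    ("siteowner", "2021-05-02 10:00:00", 'a:1:{s:13:"administrator";b:1;}'),
    ("editor_jane", "2022-01-10 09:30:00", 'a:1:{s:6:"editor";b:1;}'),
    ("test_username", "2026-03-22 03:14:07", 'a:1:{s:13:"administrator";b:1;}'),
    ("bob", "2023-07-19 12:00:00",
     'a:2:{s:10:"subscriber";b:1;s:13:"administrator";b:0;}'),
]

if __name__ == "__main__":
    for login in find_unexpected_admins(SAMPLE_ROWS, known_admins={"siteowner"}):
        print("unexpected administrator:", login)
```

Parsing the stored value rather than trusting a role column matters because the importer wrote the raw serialized string; an entry with `b:0` looks like an administrator on a naive substring match but grants nothing.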
For educational and authorized testing only. Only use on systems you own or have written permission to test. Unauthorized use is illegal.
Links:
- GitHub: github.com/PySecTools
- Telegram: t.me/PySecTools
Donations:
- USDT (TRC20): TNia5W6TameZ81y6FaSU3RhefYPnFDBZou
- USDT (BSC - BEP20): 0x494f424e34840b21597ad75fc092a8d200655257
References:
- Wordfence Threat Intelligence - CVE-2026-3629
- NVD National Vulnerability Database
- WordPress Plugin Trac - Columns.php (line 193, 217)
- WordPress Plugin Trac - Helper.php (line 146)
- Plugin Changelog - Version 1.29.8
- CVE Program - CVE-2026-3629 Entry
- CVSS Calculator - Vector String Analysis
MIT License - See LICENSE file for details.
⭐ Star this repository if it helped you!