{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/vendors/bricksforge/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":9.8,"id":"CVE-2026-14956"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Bricksforge plugin (up to 3.1.8.6)"],"_cs_severities":["critical"],"_cs_tags":["wordpress","plugin","privilege-escalation","vulnerability","webserver"],"_cs_type":"advisory","_cs_vendors":["Bricksforge"],"content_html":"\u003cp\u003eA critical privilege escalation vulnerability, tracked as CVE-2026-14956, has been identified in the Bricksforge plugin for WordPress, affecting all versions up to and including 3.1.8.6. This flaw originates from insufficient validation of the \u003ccode\u003efieldIds\u003c/code\u003e parameter within the Pro Forms registration action, enabling attackers to inject arbitrary field IDs into a trusted form-field whitelist. Unauthenticated attackers can exploit this by sending a specially crafted request to a publicly accessible Bricksforge Pro Forms registration form that is configured with the User Registration action. Successful exploitation allows the attacker to create a new administrator account, granting them complete control over the compromised WordPress website. This vulnerability poses a severe risk to organizations utilizing the Bricksforge plugin, as it can lead to unauthorized access, data manipulation, website defacement, and further malicious activities.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn unauthenticated attacker identifies a WordPress site utilizing the Bricksforge plugin and the Pro Forms feature.\u003c/li\u003e\n\u003cli\u003eThe attacker confirms the presence of a publicly accessible Bricksforge Pro Forms element configured with the User Registration action.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts an HTTP POST request targeting the identified Pro Forms registration endpoint.\u003c/li\u003e\n\u003cli\u003eThe crafted request includes a maliciously manipulated \u003ccode\u003efieldIds\u003c/code\u003e parameter in the request body or query string.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003efieldIds\u003c/code\u003e parameter is populated with an attacker-supplied ID that, due to the improper validation flaw, is added to the plugin's trusted form-field whitelist.\u003c/li\u003e\n\u003cli\u003eThis allows the attacker to specify a privileged role, such as \u0026quot;administrator,\u0026quot; for the new user account being registered through other form parameters.\u003c/li\u003e\n\u003cli\u003eThe attacker submits the crafted POST request to the Bricksforge Pro Forms registration form.\u003c/li\u003e\n\u003cli\u003eThe vulnerable Bricksforge plugin processes the request, bypasses intended security controls, and successfully creates a new user account with administrator privileges on the WordPress site.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-14956 results in a complete compromise of the affected WordPress website. Unauthenticated attackers gain full administrator privileges, enabling them to execute arbitrary code, manipulate website content, exfiltrate sensitive data, install backdoors, and launch further attacks. This can lead to significant reputational damage, operational disruption, and potential legal or compliance repercussions for the affected organization. The broad applicability to unauthenticated attackers and the ease of registering an admin account make this a high-severity threat with potentially widespread consequences for WordPress installations running vulnerable versions of the Bricksforge plugin.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePatch CVE-2026-14956 immediately by updating the Bricksforge plugin to a version beyond 3.1.8.6 as soon as a fix becomes available.\u003c/li\u003e\n\u003cli\u003eReview all Bricksforge Pro Forms configurations on your WordPress sites to ensure that any publicly accessible registration forms are not configured with the User Registration action, or disable them until a patch is applied.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for suspicious HTTP POST requests directed at registration endpoints, particularly those containing the \u003ccode\u003efieldIds\u003c/code\u003e parameter with unusual or unexpected values.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-17T02:19:35Z","date_published":"2026-07-17T02:19:35Z","id":"https://feed.craftedsignal.io/briefs/2026-07-bricksforge-privesc/","summary":"The Bricksforge plugin for WordPress, in versions up to and including 3.1.8.6, contains a critical privilege escalation vulnerability, CVE-2026-14956, allowing unauthenticated attackers to register new administrator accounts by manipulating the 'fieldIds' parameter in Pro Forms registration actions, leading to full compromise of the WordPress site.","title":"Bricksforge WordPress Plugin Privilege Escalation Vulnerability (CVE-2026-14956)","url":"https://feed.craftedsignal.io/briefs/2026-07-bricksforge-privesc/"}],"language":"en","title":"CraftedSignal Threat Feed - Bricksforge","version":"https://jsonfeed.org/version/1.1"}