8.8
CVE-2024-10800
- EPSS 0.79%
- Veröffentlicht 13.11.2024 05:15:11
- Zuletzt bearbeitet 19.11.2024 17:08:44
- Quelle security@wordfence.com
- CVE-Watchlists
- Unerledigt
LoginWordPress User Extra Fields <= 16.6 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation
WordPress User Extra Fields <= 16.6 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation
The WordPress User Extra Fields plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the ajax_save_fields() function in all versions up to, and including, 16.6. This makes it possible for authenticated attackers, with subscriber-level access and above, to add custom fields that can be updated and then use the check_and_overwrite_wp_or_woocommerce_fields function to update the wp_capabilities field to have administrator privileges.
Mögliche Gegenmaßnahme
WordPress User Extra Fields: Update to version 16.7, or a newer patched version
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Vanquish ≫ User Extra Fields SwPlatformwordpress Version < 16.7
Weitere Schwachstelleninformationen
SystemWordPress Plugin
≫
Produkt
WordPress User Extra Fields
Version
*-16.6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.79% | 0.514 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security@wordfence.com | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-862 Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
https://codecanyon.net/item/user-extra-fields/12949844
https://www.wordfence.com/threat-intel/vulnerabilities/id/a18fa7e6-813d-4b48-bd4e-5232fb8382d1?source=cve
https://www.wordfence.com/threat-intel/vulnerabilities/id/a18fa7e6-813d-4b48-bd4e-5232fb8382d1