CVE-2024-2297

EPSS 0.33%
Veröffentlicht 27.02.2025 06:15:21
Zuletzt bearbeitet 11.03.2025 19:39:40
Quelle security@wordfence.com
CVE-Watchlists
Login
Unerledigt
Login

Bricksbuilder <= 1.9.6.1 - Authenticated (Contributor+) Privilege Escalation via create_autosave

The Bricks theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.6.1. This is due to insufficient validation checks placed on the create_autosave AJAX function. This makes it possible for authenticated attackers, with contributor-level access and above, to execute arbitrary PHP code with elevated (administrator-level) privileges. NOTE: Successful exploitation requires (1) the Bricks Builder to be enabled for posts (2) Builder access to be enabled for contributor-level users, and (3) "Code Execution" to be enabled for administrator-level users within the theme's settings.

Mögliche Gegenmaßnahme

Bricks: Update to version 1.9.7, or a newer patched version

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

NVD 1 VulnDex Vulnerability Enrichment 2

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Bricksbuilder ≫ Bricks SwPlatformwordpress Version < 1.9.7

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Weitere Schwachstelleninformationen

SystemWordPress Theme

≫

Produkt Bricks

Version *-1.9.6.1

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.33%	0.249

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
security@wordfence.com	7.1	1.2	5.9	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

https://bricksbuilder.io/release/bricks-1-9-7/

Release Notes

https://www.wordfence.com/threat-intel/vulnerabilities/id/cb075e85-75fc-4008-8270-4d1064ace29e?source=cve

Third Party Advisory

https://www.wordfence.com/threat-intel/vulnerabilities/id/cb075e85-75fc-4008-8270-4d1064ace29e

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-2297

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-2297

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-2297

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-2297