9.1

CVE-2024-7856

EPSS 76.95%
Veröffentlicht 29.08.2024 11:15:29
Zuletzt bearbeitet 13.09.2024 18:14:47
Quelle security@wordfence.com
CVE-Watchlists
Login
Unerledigt
Login

MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar <= 5.7.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Deletion

The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to unauthorized arbitrary file deletion due to a missing capability check on the removeTempFiles() function and insufficient path validation on the 'file' parameter in all versions up to, and including, 5.7.0.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary files which can make remote code execution possible when wp-config.php is deleted.

Mögliche Gegenmaßnahme

MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar: Update to version 5.7.1, or a newer patched version

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 8

Weitere Schwachstelleninformationen

SystemWordPress Plugin

≫

Produkt MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar

Version *-5.7.0.1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Sonaar ≫ Mp3 Audio Player For Music, Radio & Podcast SwPlatformwordpress Version < 5.7.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	76.95%	0.989

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.1	2.8	5.2	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
security@wordfence.com	9.1	3.9	5.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CWE-862 Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

https://plugins.trac.wordpress.org/browser/mp3-music-player-by-sonaar/tags/5.7.0.1/includes/class-sonaar-music.php#L739

Product

https://plugins.trac.wordpress.org/browser/mp3-music-player-by-sonaar/tags/5.7.0.1/includes/class-sonaar-music.php#L755

Product

https://plugins.trac.wordpress.org/changeset/3142445/mp3-music-player-by-sonaar/trunk/includes/class-sonaar-music.php

Patch

https://www.wordfence.com/threat-intel/vulnerabilities/id/43adc9dd-1780-440f-90c2-ff05a22eb084?source=cve

Third Party Advisory

https://www.wordfence.com/threat-intel/vulnerabilities/id/43adc9dd-1780-440f-90c2-ff05a22eb084

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-7856

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-7856

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-7856

EUVD