CVE-2024-10728

The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the 'install_required_plugin_callback' function in all versions up to, and including, 4.1.16. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install and activate arbitrary plugins which can be leveraged to achieve remote code execution if another vulnerable plugin is installed and activated.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://plugins.trac.wordpress.org/browser/ultimate-post/tags/4.1.16/classes/Importer.php#L94
https://plugins.trac.wordpress.org/browser/ultimate-post/tags/4.1.16/classes/Initialization.php#L330
https://plugins.trac.wordpress.org/changeset/3188636/ultimate-post/trunk/classes/Importer.php
https://wordpress.org/plugins/ultimate-post/
https://www.wordfence.com/threat-intel/vulnerabilities/id/076f36fb-c2fb-43e0-a027-1351d3995489?source=cve

Configurations

No configuration.

History

18 Nov 2024, 17:11

Type	Values Removed	Values Added
Summary		(es) El complemento Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX para WordPress es vulnerable a la instalación/activación no autorizada de complementos debido a una falta de verificación de capacidad en la función 'install_required_plugin_callback' en todas las versiones hasta la 4.1.16 incluida. Esto permite que atacantes autenticados, con acceso de nivel de suscriptor y superior, instalen y activen complementos arbitrarios que pueden aprovecharse para lograr la ejecución remota de código si se instala y activa otro complemento vulnerable.

16 Nov 2024, 05:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-11-16 05:15

Updated : 2024-11-18 17:11

NVD link : CVE-2024-10728

Mitre link : CVE-2024-10728

CVE.ORG link : CVE-2024-10728

JSON object : View

Products Affected

No product.

CWE

CWE-862

Missing Authorization

{"id": "CVE-2024-10728", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "security@wordfence.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2024-11-16T05:15:12.510", "references": [{"url": "https://plugins.trac.wordpress.org/browser/ultimate-post/tags/4.1.16/classes/Importer.php#L94", "source": "security@wordfence.com"}, {"url": "https://plugins.trac.wordpress.org/browser/ultimate-post/tags/4.1.16/classes/Initialization.php#L330", "source": "security@wordfence.com"}, {"url": "https://plugins.trac.wordpress.org/changeset/3188636/ultimate-post/trunk/classes/Importer.php", "source": "security@wordfence.com"}, {"url": "https://wordpress.org/plugins/ultimate-post/", "source": "security@wordfence.com"}, {"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/076f36fb-c2fb-43e0-a027-1351d3995489?source=cve", "source": "security@wordfence.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "security@wordfence.com", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "The Post Grid Gutenberg Blocks and WordPress Blog Plugin \u2013 PostX plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the 'install_required_plugin_callback' function in all versions up to, and including, 4.1.16. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install and activate arbitrary plugins which can be leveraged to achieve remote code execution if another vulnerable plugin is installed and activated."}, {"lang": "es", "value": "El complemento Post Grid Gutenberg Blocks and WordPress Blog Plugin \u2013 PostX para WordPress es vulnerable a la instalaci\u00f3n/activaci\u00f3n no autorizada de complementos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n 'install_required_plugin_callback' en todas las versiones hasta la 4.1.16 incluida. Esto permite que atacantes autenticados, con acceso de nivel de suscriptor y superior, instalen y activen complementos arbitrarios que pueden aprovecharse para lograr la ejecuci\u00f3n remota de c\u00f3digo si se instala y activa otro complemento vulnerable."}], "lastModified": "2024-11-18T17:11:17.393", "sourceIdentifier": "security@wordfence.com"}