WordPress Plugin Vulnerabilities

Sparkle Demo Importer < 1.4.8 - Missing Authorization to Authorized(Subscriber+) Post/Pages/Attachements Deletion and Demo Data Import

Description

The Sparkle Demo Importer plugin for WordPress is vulnerable to unauthorized database reset and demo data import due to a missing capability check on the multiple functions in all versions up to and including 1.4.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete all posts, pages, and uploaded files, as well as download and install a limited set of demo plugins.

Affects Plugins

Plugin icon
sparkle-demo-importer
Fixed in 1.4.8

References

CVE
CVE-2024-6120
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/8f411d17-5b0d-4a4a-afa8-7efebf6965f2

Classification

Type
NO AUTHORISATION
OWASP top 10
A5: Broken Access Control
CWE
CWE-862
CVSS
6.5 (medium)

Miscellaneous

Original Researcher
Lucio Sá
Verified
No
WPVDB ID
071f5dde-e6e3-492d-857d-a0a670b9910a

Timeline

Publicly Published
2024-06-21 (about 1 year ago)
Added
2024-06-21 (about 1 year ago)
Last Updated
2024-06-22 (about 1 year ago)

Other

Published
Title
Published
2024-06-14
Title
Popup Builder – Create highly converting, mobile friendly marketing popups < 4.3.2 - Missing Authorization and Nonce Exposure
Published
2025-04-01
Title
Barcode Generator for WooCommerce < 2.0.5 - Missing Authorization to Authenticated (Subscriber+) Settings Update
Published
2025-11-24
Title
Social Images Widget <= 2.1 - Missing Authorization to Unauthenticated Arbitrary Plugin Settings Deletion
Published
2025-05-01
Title
OTP-less one tap Sign in 2.0.14 - 2.0.59 - Unauthenticated Arbitrary Email Update to Account Takeover/Privilege Escalation
Published
2025-03-27
Title
Our Team Members < 2.3 - Missing Authorization to Authenticated (Subscriber+) Information Disclosure