Adifier System < 3.1.8 – Unauthenticated Arbitrary Password Reset | CVE 2024-13375 | Plugin Vulnerabilities

Description

The plugin is vulnerable to privilege escalation via account takeover due to the plugin not properly validating a user's identity prior to updating their details like password through the adifier_recover() function. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account.

Affects Plugins

Fixed in 3.1.8

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/fbf2aeed-0f18-4ef6-aff8-9e8c4531d789

Classification

Type

PRIVESC

OWASP top 10

A2: Broken Authentication and Session Management

CWE

CVSS

Miscellaneous

Original Researcher

Tonn

Verified

No

WPVDB ID

0aa9741f-a1aa-4def-bd88-8162a1a3444e

Timeline

Publicly Published

2025-01-17 (about 1 year ago)

Added

2025-01-17 (about 1 year ago)

Last Updated

2025-01-17 (about 1 year ago)

Other

Published

Title

Published

2026-02-18

Title

Toret Manager < 1.3.0 - Authenticated (Subscriber+) Arbitrary Options Update via AJAX actions

Published

2017-11-27

Title

Elementor Page Builder < 1.8.0 - Authenticated Unrestricted Editing

Published

2025-03-06

Title

School Management System for Wordpress <= 93.0.0 - Student+ Account Takeover and Privilege Escalation

Published

2016-02-10

Title

Woocommerce Exporter < 1.8.4 - Privilege Esclation

Published

2025-10-21

Title

Age Restriction <= 3.0.2 - Subscriber+ Privilege Escalation