WordPress Plugin Vulnerabilities

uListing < 1.7 - Unauthenticated Arbitrary Roles and Capabilities Creation/Deletion

Description

The /1/api/ulisting-user/role/save REST route did not perform capability and CSRF checks, allowing unauthenticated users to remove and add roles, as well as add capabilities to the blog.

Affects Plugins

Plugin icon
ulisting
Fixed in 1.7

References

CVE
CVE-2021-4345
URL
https://blog.nintechnet.com/wordpress-ulisting-plugin-fixed-multiple-critical-vulnerabilities/

Classification

Type
ACCESS CONTROLS
OWASP top 10
A5: Broken Access Control
CWE
CWE-284
CVSS
5.3 (medium)

Miscellaneous

Original Researcher
Jerome Bruandet
Verified
Yes
WPVDB ID
0db9774c-2c34-4a2c-988d-66ceccf27652

Timeline

Publicly Published
2021-01-28 (about 3 years ago)
Added
2021-01-28 (about 3 years ago)
Last Updated
2023-06-08 (about 11 months ago)

Other

Published
Title
Published
2021-11-15
Title
User Meta Shortcodes <= 0.5 - Contributor+ Unauthorized Arbitrary User Metadata Access
Published
2024-01-16
Title
User Profile Builder < 3.10.9 - Missing Authorization to Plugin Settings Change via wppb_two_factor_authentication_settings_update
Published
2024-04-19
Title
VikBooking < 1.6.8 - Broken Access Control
Published
2022-08-01
Title
Duplicator < 1.4.7 - Unauthenticated Backup Download
Published
2021-03-23
Title
Controlled Admin Access < 1.5.2 - Improper Access Control & Privilege Escalation