WordPress Plugin Vulnerabilities

Build App Online < 1.0.21 - Subscriber+ Privilege Escalation

Description

The plugin does not have authorisation in its update_user_meta_value function, allowing any authenticated users, such as subscriber to update arbitrary user metadata and grand themselves administrator privileges

Affects Plugins

Plugin icon
build-app-online
Fixed in 1.0.21

References

CVE
CVE-2023-51479
URL
https://patchstack.com/database/vulnerability/build-app-online/wordpress-build-app-online-plugin-1-0-19-authenticated-privilege-escalation-vulnerability

Classification

Type
NO AUTHORISATION
OWASP top 10
A5: Broken Access Control
CWE
CWE-862
CVSS
8.8 (high)

Miscellaneous

Original Researcher
Rafie Muhammad
Verified
No
WPVDB ID
270d8c5a-692f-4569-aaa4-1f7382af3e30

Timeline

Publicly Published
2023-12-27 (about 2 years ago)
Added
2024-01-05 (about 2 years ago)
Last Updated
2024-08-09 (about 1 year ago)

Other

Published
Title
Published
2023-07-24
Title
Instant CSS < 1.1.5 - Subscriber+ Unauthorised AJAX Calls
Published
2024-05-09
Title
SportsPress – Sports Club & League Manager < 2.7.21 - Missing Authorization to Notice Dismissal
Published
2024-04-22
Title
5 Stars Rating Funnel < 1.3.02 - Missing Authorization
Published
2024-04-25
Title
Barcode Scanner with Inventory & Order Manager < 1.5.4 - Missing Authorization
Published
2024-10-11
Title
Read more By Adam <= 1.1.8 - Missing Authorization to Authenticated (Subscriber+) Read More Button Deletion