WordPress Plugin Vulnerabilities

Quasar Theme Rock Form Builder plugin - Privilege Escalation

Description

The Rock Form Builder plugin (1.0) is used within the Quasar WooCommerce theme (1.9.1).

Authenticated users can modify WordPress settings which can lead to full site compromise.

It's unclear which exact version of the rock-form-builder fixed the issue, but it was something in between 1.0 and 2.5, so the fixed in has been set to 2.5.

Proof of Concept

Affects Plugins

Plugin icon
rock-form-builder
Fixed in 2.5

Affects Themes

quasar
Fixed in 2.0

References

URL
https://packetstormsecurity.com/files/#130200/
URL
https://web.archive.org/web/20150608222816/https://research.evex.pw/?vuln=4
URL
https://themeforest.net/item/quasar-wordpress-theme-with-animation-builder/6126939

Classification

Type
ACCESS CONTROLS
OWASP top 10
A5: Broken Access Control
CWE
CWE-284
CVSS
8.8 (high)

Miscellaneous

Submitter
Evex
Submitter twitter
Evex_1337
Verified
No
WPVDB ID
34084861-0ebb-4421-a6ac-27627d2a507f

Timeline

Publicly Published
2015-02-22 (about 11 years ago)
Added
2015-02-22 (about 11 years ago)
Last Updated
2021-01-26 (about 5 years ago)

Other

Published
Title
Published
2021-05-26
Title
Simple 301 Redirects by BetterLinks - 2.0.0 – 2.0.3 - Arbitrary Plugin Activation
Published
2024-03-25
Title
Meta Box < 5.9.4 - Contributor+ Arbitrary Posts' Custom Field Disclosure
Published
2021-08-30
Title
Premium Addons for Elementor < 4.5.2 - Subscriber+ Arbitrary Blog Option Update
Published
2021-08-23
Title
Timetable and Event Schedule by MotoPress < 2.4.2 - Unauthorised Event TimeSlot Deletion
Published
2021-12-28
Title
LabTools <= 1.0 - Subscriber+ Arbitrary Publication Deletion