Controlled Admin Access < 1.5.6 - Improper Access Control to Privilege Escalation
Description
The plugin did not properly restrict access when checking users with limited access, allowing them to open admin pages they should not be able to reach. This could lead to privilege escalation, since such a user could create a new administrator account with full, unrestricted access to the blog.
Proof of Concept
Create a temporary admin account with limited access via the plugin (/wp-admin/users.php?page=controlled_admin_access), log in with it, and open the URL below, which should not be accessible: https://example.com/wp-admin/admin.php?page=%2Fcontrolled_admin_access
Classification
Type
ACCESS CONTROLS
Miscellaneous
Original Researcher
Jerome Bruandet (nintechnet.com)
Verified
Yes
Timeline
Publicly Published
2021-03-30
Added
2021-03-30
Last Updated
2023-06-08