WordPress Plugin Vulnerabilities
All Users Messenger <= 1.24 - Subscriber+ Message Deletion via IDOR
Description
The plugin does not prevent non-administrator users from deleting messages from the all-users messenger.
Proof of Concept
1) Go to the messenger.
2) Catch a request that is constantly running at intervals of 3 seconds.
3) Change the message time argument to true.
4) Set true for permission to delete a comment, e.g. `{"userid":2,"delete":{"1690817948":true},"submit_delete":true}`
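The root cause described above is a server-side handler that acts on a client-supplied `userid` and `delete` map without checking who is actually logged in or whether that user may delete the listed messages. The following hardened handler is an added illustration of the fix pattern a maintainer would apply; it is not the All Users Messenger plugin's code, and the action name `aum_example_poll`, the option `aum_example_messages`, the message structure (timestamp key, `author`, `text`) and the `payload` parameter are all assumptions made for the example.

```php
<?php
// Hypothetical hardened polling/delete handler (example only, not the plugin's code).
// The WordPress functions used are real; the plugin-specific names are assumed.

add_action( 'wp_ajax_aum_example_poll', 'aum_example_handle_poll' );

function aum_example_handle_poll() {
    // 1. Tie the request to a logged-in session and a nonce so the endpoint
    //    cannot be driven cross-site; wp_ajax_* already requires a login.
    check_ajax_referer( 'aum_example_poll', 'nonce' );

    $raw  = isset( $_POST['payload'] ) ? wp_unslash( $_POST['payload'] ) : '';
    $data = json_decode( $raw, true );
    if ( ! is_array( $data ) ) {
        wp_send_json_error( 'bad payload', 400 );
    }

    // 2. Never trust a "userid" taken from the request body (the IDOR pattern).
    //    The acting user is whoever owns the session.
    $current_user = get_current_user_id();
    $messages     = aum_example_get_messages();

    if ( empty( $data['submit_delete'] ) || empty( $data['delete'] ) || ! is_array( $data['delete'] ) ) {
        // Plain poll: return the current message list and stop.
        wp_send_json_success( $messages );
    }

    // 3. Authorize every single message in the delete map before touching storage.
    foreach ( $data['delete'] as $timestamp => $flag ) {
        $key = absint( $timestamp );
        if ( ! $flag || ! isset( $messages[ $key ] ) ) {
            continue; // unknown id or flag not set: ignore silently
        }
        if ( ! aum_example_can_delete( $current_user, $messages[ $key ] ) ) {
            wp_send_json_error( 'forbidden', 403 ); // wp_die()s, nothing is deleted
        }
        unset( $messages[ $key ] );
    }

    update_option( 'aum_example_messages', $messages );
    wp_send_json_success( $messages );
}

// Authorization rule for the example: administrators may delete any message,
// everyone else only messages they authored.
function aum_example_can_delete( $user_id, array $message ) {
    if ( current_user_can( 'manage_options' ) ) {
        return true;
    }
    return isset( $message['author'] ) && (int) $message['author'] === (int) $user_id;
}

// Messages are assumed to live in one option as [ timestamp => [ 'author' => id, 'text' => ... ] ].
function aum_example_get_messages() {
    $messages = get_option( 'aum_example_messages', array() );
    return is_array( $messages ) ? $messages : array();
}
```

The two checks that matter for this class of bug are the capability/ownership test performed per message (step 3) and the refusal to derive the acting user from request data (step 2); the nonce check in step 1 is a separate CSRF defence and does not by itself fix an authorization gap.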
Affects Plugins
References
Classification
Type
IDOR
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
Dmitrii Ignatyev
Submitter
Dmitrii Ignatyev
Submitter website
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2023-08-07 (about 9 months ago)
Added
2023-08-07 (about 9 months ago)
Last Updated
2023-08-22 (about 8 months ago)