WordPress Plugin Vulnerabilities

Schema & Structured Data for WP & AMP < 1.27 - Contributor+ reCaptcha Key Update

Description

The plugin is vulnerable to unauthorized modification of data due to a missing capability check on the 'saswp_reviews_form_render' function, allowing authenticated attackers, with contributor access and above, to modify the plugin's stored reCaptcha site and secret keys, potentially breaking the reCaptcha functionality.

Affects Plugins

Plugin icon
schema-and-structured-data-for-wp
Fixed in 1.27

References

CVE
CVE-2024-1288
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/ac13f402-8a36-448f-87d4-48179a9699c6

Classification

Type
ACCESS CONTROLS
OWASP top 10
A5: Broken Access Control
CWE
CWE-284
CVSS
4.3 (medium)

Miscellaneous

Original Researcher
Ngô Thiên An (ancorn_)
Verified
No
WPVDB ID
8660a6dd-851b-4c78-8fd3-8e3bd27e99e0

Timeline

Publicly Published
2024-02-19 (about 2 years ago)
Added
2024-02-20 (about 2 years ago)
Last Updated
2024-02-20 (about 2 years ago)

Other

Published
Title
Published
2020-12-09
Title
DiveBook <= 1.1.4 - Improper Authorisation Check
Published
2022-03-28
Title
Shopping Cart & eCommerce Store < 5.2.5 - Arbitrary Design Settings Update via CSRF
Published
2024-06-05
Title
The Moneytizer < 10.0.1 - Cross-Site Request Forgery via multiple AJAX actions
Published
2019-07-10
Title
WP-GraphQL < 0.3.5 - Improper Access Control
Published
2020-07-07
Title
Adning Advertising < 1.5.6 - Unauthenticated Arbitrary File Upload/Deletion