Zephyr Project Manager < 3.3.99 – Authenticated (Subscriber+) Privilege Escalation via User Meta Update | CVE 2024-37484 | Plugin Vulnerabilities

Description

The Zephyr Project Manager plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.3.97. This is due to the plugin not properly verifying user meta updated through the update_user_meta function. This makes it possible for authenticated attackers, with subscriber-level access and above, to update their user meta which can be leveraged to update their capabilities to gain administrator access.

Affects Plugins

zephyr-project-manager

Fixed in 3.3.99

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/a6090c3d-e4ee-4c9d-9605-e18000f283c5

Classification

Type

NO AUTHORISATION

OWASP top 10

A5: Broken Access Control

CWE

CVSS

Miscellaneous

Original Researcher

shaman0x01

Verified

No

WPVDB ID

959b816c-c49f-49d1-8c44-46b13ff5953b

Timeline

Publicly Published

2024-07-04 (about 1 year ago)

Added

2024-07-11 (about 1 year ago)

Last Updated

2024-07-11 (about 1 year ago)

Other

Published

Title

Published

2023-11-20

Title

Perfmatters < 2.1.7 - Missing Authorization

Published

2023-07-17

Title

ProfileGrid < 5.5.2 - Subscriber+ Arbitrary Option Update

Published

2024-03-19

Title

Coming Soon, Under Construction & Maintenance Mode By Dazzler < 2.1.3 - Maintenance Mode Bypass

Published

2025-07-03

Title

Booking X 1.0 - 1.1.2 - Missing Authorization to Unauthenticated Sensitive Information Disclosure via export_now() Function

Published

2025-11-21

Title

GoDAM < 1.4.7 - Missing Authorization