WordPress Plugin Vulnerabilities

GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress < 7.1.6 - Unauthenticated Arbitrary Shortcode Execution via gamipress_get_user_earnings

Description

The The GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution via gamipress_get_user_earnings AJAX action in all versions up to, and including, 7.1.5. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.

Affects Plugins

Plugin icon
gamipress
Fixed in 7.1.6

References

CVE
CVE-2024-11036
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/bad0cd3f-88ea-4a1d-b400-0a450b07a546

Classification

Type
RCE
OWASP top 10
A1: Injection
CWE
CWE-94
CVSS
7.3 (high)

Miscellaneous

Original Researcher
Arkadiusz Hydzik
Verified
No
WPVDB ID
96246836-f0a4-4504-85a8-7124fb507608

Timeline

Publicly Published
2024-11-18 (about 1 year ago)
Added
2024-11-18 (about 1 year ago)
Last Updated
2024-11-19 (about 1 year ago)

Other

Published
Title
Published
2023-09-19
Title
File Manager Pro < 1.8.1 - Admin+ Remote Code Execution
Published
2026-04-20
Title
Slider, Gallery, and Carousel by MetaSlider < 3.107.0 - Editor+ Remote Code Execution
Published
2021-05-26
Title
Gallery From Files <= 1.6.0 - Unauthenticated RCE
Published
2024-10-14
Title
AADMY – Add Auto Date Month Year Into Posts < 2.0.2 - Unauthenticated Arbitrary Shortcode Execution
Published
2014-08-01
Title
Kernel Theme - functions/upload-h&ler.php File Upload Remote Code Execution