JupiterX Core < 2.0.7 – Information Disclosure, Modification, and Denial of Service | CVE 2022-1659 | Plugin Vulnerabilities

Description

Any logged in users, such as subscriber could view site configuration and logged-in users, modify post conditions, or perform a denial of service attack via the jupiterx_conditional_manager AJAX action which can be used to call any function in the includes/condition/class-condition-manager.php file by sending the desired function to call in the sub_action parameter.

Affects Plugins

Fixed in 2.0.7

References

CVE

URL

https://www.wordfence.com/blog/2022/05/critical-privilege-escalation-vulnerability-in-jupiter-and-jupiterx-premium-themes/

Classification

Type

ACCESS CONTROLS

OWASP top 10

A5: Broken Access Control

CWE

CVSS

Miscellaneous

Original Researcher

Ramuel Gall

Verified

Yes

WPVDB ID

992c1b28-e8c1-4f46-966f-aac89bbace9d

Timeline

Publicly Published

2022-05-18 (about 4 years ago)

Added

2022-05-18 (about 4 years ago)

Last Updated

2022-05-19 (about 4 years ago)

Other

Published

Title

Published

2024-08-24

Title

PowerPack Pro for Elementor < 2.10.15 - Contributor+ Privilege Escalation

Published

2021-05-26

Title

Simple 301 Redirects by BetterLinks - 2.0.0 – 2.0.3 - Arbitrary Plugin Installation

Published

2021-02-10

Title

Map Block for Google Maps < 1.32 - Unauthorised Google API Key change

Published

2024-02-26

Title

Bulk Edit Post Titles <= 5.0.0 - Missing Authorization via bulkUpdatePostTitles

Published

2021-08-23

Title

Timetable and Event Schedule by MotoPress < 2.4.2 - Unauthorised Event TimeSlot Update