WordPress Plugin Vulnerabilities

GamiPress < 6.8.9 - Broken Access Control

Description

The plugin's access control mechanism fails to properly restrict access to its settings, permitting Authors to manipulate requests and extend access to lower privileged users, like Subscribers, despite initial settings prohibiting such access. This vulnerability resembles broken access control, enabling unauthorized users to modify critical plugin configurations.

Proof of Concept

- Inferred parameter values

Administrator > manage_options
Editor > delete_others_posts
Author > publish_posts
Contributor > edit_posts
Subscriber > read

Affects Plugins

Plugin icon
gamipress
Fixed in 6.8.9

References

CVE
CVE-2024-2505

Classification

Type
ACCESS CONTROLS
OWASP top 10
A5: Broken Access Control
CWE
CWE-284

Miscellaneous

Submitter
cyc707
Verified
Yes
WPVDB ID
9b3d6148-ecee-4e59-84a4-3b3e9898473b

Timeline

Publicly Published
2024-04-08 (about 1 months ago)
Added
2024-04-08 (about 1 months ago)
Last Updated
2024-04-08 (about 1 months ago)

Other

Published
Title
Published
2024-05-14
Title
Password Protected < 2.6.7 - Missing Authorization to Sensitive Information Exposure
Published
2024-04-03
Title
CGC Maintenance Mode <= 1.2 - Sensitive Information Exposure
Published
2021-08-25
Title
Advanced Custom Fields < 5.11 - Subscriber+ Arbitrary ACF Data/Field Groups View and Fields Move
Published
2021-08-30
Title
Countdown Block < 1.1.2 - Missing Authorisation in AJAX action
Published
2023-10-16
Title
Awesome Support < 6.1.5 - Submitter+ Arbitrary File Deletion