Replace Image < 1.1.11 – Insecure Direct Object Reference | CVE 2024-4873 | Plugin Vulnerabilities

Description

The Replace Image plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.1.10 via the image replacement functionality due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Author-level access and above, to replace images uploaded by higher level users such as admins.

Affects Plugins

Fixed in 1.1.11

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/5a5d3a62-f7e5-4776-bed9-7ff3f81da452

Classification

Type

IDOR

OWASP top 10

A5: Broken Access Control

CWE

CVSS

Miscellaneous

Original Researcher

Jin Hao Chan

Verified

No

WPVDB ID

9e7f7cf8-ea98-43e4-8b4d-29a274d3c597

Timeline

Publicly Published

2024-06-18 (about 1 year ago)

Added

2024-06-18 (about 1 year ago)

Last Updated

2024-07-19 (about 1 year ago)

Other

Published

Title

Published

2025-02-17

Title

ProfileGrid – User Profiles, Groups and Communities < 5.9.4.3 - Insecure Direct Object Reference to Authenticated (Subscriber+) Private Messages Disclosure

Published

2024-01-02

Title

WP 2FA < 2.6.0 - Subscriber+ Arbitrary Email Sending

Published

2025-05-08

Title

WPBookit < 1.0.3 - Insecure Direct Object Reference to Unauthenticated Privilege Escalation via Account Takeover

Published

2023-12-27

Title

WooCommerce Stripe Payment Gateway < 7.6.2 - Unauthenticated Order Deletion via IDOR

Published

2026-01-06

Title

Optional Email <= 1.3.11 - Unauthenticated Privilege Escalation to Account Takeover