WordPress Plugin Vulnerabilities

Theme My Login 2FA < 1.2 - Lack of Rate Limiting

Description

The plugin does not rate limit 2FA validation attempts, which may allow an attacker to brute-force all possibilities, which shouldn't be too long, as the 2FA codes are 6 digits.

Proof of Concept

https://packetstormsecurity.com/2309-exploits/wpmylogin-bruteforce.txt

Affects Plugins

Plugin icon
tml-2fa
Fixed in 1.2

References

CVE
CVE-2023-6272
URL
https://packetstormsecurity.com/2309-exploits/wpmylogin-bruteforce.txt

Classification

Type
AUTHBYPASS
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-287
CVSS
5.6 (medium)

Miscellaneous

Original Researcher
Joost Grunwald
Submitter
Joost Grunwald
Submitter website
https://www.iecetee.com
Verified
Yes
WPVDB ID
a03243ea-fee7-46e4-8037-a228afc5297a

Timeline

Publicly Published
2023-11-24 (about 5 months ago)
Added
2023-11-24 (about 5 months ago)
Last Updated
2023-11-24 (about 5 months ago)

Other

Published
Title
Published
2021-07-19
Title
Profile Builder < 3.4.9 - Admin Access via Password Reset
Published
2021-10-11
Title
Pie Register < 3.1.7.6 - Unauthenticated Arbitrary Login
Published
2021-02-02
Title
MStore API < 3.2.0 - Authentication Bypass With Sign In With Apple
Published
2016-10-14
Title
OneLogin SAML SSO <= 2.4.2 - Signature Wrapping
Published
2016-07-19
Title
Form Lightbox - Arbitrary Option Update Leading to Admin Account