WordPress Plugin Vulnerabilities

Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder < 5.1.19 - Missing Authorization to Authenticated (Subscriber+) Mailchimp Integration Modification

Description

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to unauthorized Malichimp API key update due to an insufficient capability check on the verifyRequest function in all versions up to, and including, 5.1.18. This makes it possible for Form Managers with a Subscriber-level access and above to modify the Mailchimp API key used for integration. At the same time, missing Mailchimp API key validation allows the redirect of the integration requests to the attacker-controlled server.

Affects Plugins

Plugin icon
fluentform
Fixed in 5.1.19

References

CVE
CVE-2024-5053
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/8242e0f0-b9c5-46fe-b691-3275cd0f9a43

Classification

Type
ACCESS CONTROLS
OWASP top 10
A5: Broken Access Control
CWE
CWE-284
CVSS
4.2 (medium)

Miscellaneous

Original Researcher
Tobias Weißhaar (kun_19)
Verified
No
WPVDB ID
af401e32-4b89-4832-a6a2-4460b0dea948

Timeline

Publicly Published
2024-08-31 (about 1 year ago)
Added
2024-09-02 (about 1 year ago)
Last Updated
2024-09-02 (about 1 year ago)

Other

Published
Title
Published
2021-10-06
Title
Phoenix Media Rename < 3.4.4 - Author Arbitrary Media File Renaming
Published
2021-10-19
Title
Download Plugin < 1.6.1 - Subscriber+ Arbitrary Plugin Activation
Published
2019-08-09
Title
Woody Ad Snippets < 2.2.6 - Arbitrary Post Deletion
Published
2020-08-03
Title
Product Input Fields for WooCommerce < 1.2.7 - Unauthenticated File Download
Published
2021-04-17
Title
WordPress Download Manager < 3.1.18 - Unauthorised Download Duplication