WordPress Plugin Vulnerabilities

Testimonial Slider < 2.3.7 - Author+ Settings Update

Description

The plugin does not properly ensure that a user has the necessary capabilities to edit certain sensitive plugin settings, making it possible for users with at least the Author role to edit them.

Proof of Concept

Affects Plugins

Plugin icon
testimonial-slider-and-showcase
Fixed in 2.3.7

References

CVE
CVE-2024-1745
URL
https://research.cleantalk.org/cve-2024-1745/

Classification

Type
INCORRECT AUTHORISATION
OWASP top 10
A5: Broken Access Control
CWE
CWE-863
CVSS
2.7 (low)

Miscellaneous

Original Researcher
Dmitrii Ignatyev
Submitter
Dmitrii Ignatyev
Submitter website
https://research.cleantalk.org
Verified
Yes
WPVDB ID
b63bbfeb-d6f7-4c33-8824-b86d64d3f598

Timeline

Publicly Published
2024-03-05 (about 1 year ago)
Added
2024-03-05 (about 1 year ago)
Last Updated
2024-03-15 (about 1 year ago)

Other

Published
Title
Published
2024-01-29
Title
Avada < 7.11.2 - Contributor+ Arbitrary File Upload
Published
2024-06-10
Title
WPS Hide Login < 1.9.16 - Login Page Disclosure
Published
2022-08-15
Title
Visual Portfolio < 2.19.0 - Contributor+ CSS Injection
Published
2024-05-09
Title
LearnPress – WordPress LMS Plugin < 4.2.6.6 - Unauthenticated Bypass to User Registration
Published
2022-03-10
Title
WooCommerce < 6.3.1 - Orders Marked as Paid (via PayPal Standard Gateway)