Enjoy Social Feed <= 6.2.2 – Subscriber+ Plugin Database Reset | CVE 2024-0780

Description

The plugin does not have authorisation when resetting its database, allowing any authenticated users, such as subscriber to perform such action

Proof of Concept

Log in as a subscriber, access the Diagnostic tab of the plugin (/wp-admin/admin.php?page=enjoyinstagram_plugin_options&tab=diagnostic) and click on the re-install database button at the bottom

Affects Plugins

enjoy-instagram-instagram-responsive-images-gallery-and-carousel

No known fix

References

CVE

CVE-2024-0780

Classification

Type

NO AUTHORISATION

OWASP top 10

A5: Broken Access Control

CWE

CWE-862

Miscellaneous

Original Researcher

Erwan LR (WPScan)

Submitter

Erwan LR (WPScan)

Verified

Yes

WPVDB ID

be3045b1-72e6-450a-8dd2-4702a9328447

Timeline

Publicly Published

2024-02-20 (about 2 months ago)

Added

2024-02-20 (about 2 months ago)

Last Updated

2024-02-20 (about 2 months ago)

Other

Published

Title

Published

2024-04-11

Title

Advanced Post Block – Display Posts, Pages, or Custom Posts on Your Page <= 1.13.1 - Missing Authorization to Information Disclosure

Published

2023-11-01

Title

Funnelforms Free < 3.4.2 - Missing Authorization to Arbitrary Post Deletion

Published

2022-07-20

Title

Beaver Builder < 2.5.4.4 - Subscriber+ Arbitrary Post Builder Layout Disabling

Published

2023-11-09

Title

Japanized For WooCommerce < 2.6.5 - Missing Authorization

Published

2021-07-20

Title

WP SEO TDK <= 2.1.2 - Unauthenticated Setting Update to Stored XSS