WordPress Plugin Vulnerabilities

Enjoy Social Feed <= 6.2.2 - Unauthenticated Arbitrary Instagram Account Unlinking

Description

The plugin does not have authorisation and CSRF in various function hooked to admin_init, allowing unauthenticated users to call them and unlink arbitrary users Instagram Account for example

Proof of Concept

As unauthenticated, open the following URL to unlink the Instagram account of the user with ID 5:

https://example.com/wp-admin/admin-post.php?action=enjoyinstagram-remove-user&user_id=5&tab=users-settings

Affects Plugins

Plugin icon
enjoy-instagram-instagram-responsive-images-gallery-and-carousel
No known fix

References

CVE
CVE-2024-0779

Classification

Type
NO AUTHORISATION
OWASP top 10
A5: Broken Access Control
CWE
CWE-862

Miscellaneous

Original Researcher
Krzysztof Zając (CERT PL)
Submitter
Krzysztof Zając (CERT PL)
Submitter website
https://cert.pl
Submitter twitter
cert_polska_en
Verified
Yes
WPVDB ID
ced134cf-82c5-401b-9476-b6456e1924e2

Timeline

Publicly Published
2024-02-20 (about 2 months ago)
Added
2024-02-20 (about 2 months ago)
Last Updated
2024-02-20 (about 2 months ago)

Other

Published
Title
Published
2024-04-17
Title
WPC Frequently Bought Together for WooCommerce < 7.0.4 - Missing Authorization
Published
2023-10-16
Title
Ashe Extra < 1.2.92 - Subscriber+ Companion Plugin Activation & Content Import
Published
2024-02-02
Title
WP Dummy Content Generator < 3.1.3 - Missing Authorization
Published
2023-10-19
Title
Just Custom Fields <= 3.3.2 - Missing Authorization on AJAX Actions
Published
2024-03-21
Title
AI Post Generator < 3.4 - Subscriber+ Posts Read/Creation/Deletion