JupiterX < 2.0.7 & JupiterX Core < 2.0.7 – Subscriber+ Arbitrary Plugin Deactivation and Settings Update | CVE 2022-1656 | Plugin Vulnerabilities

Description

Any logged-in user, including subscriber-level users, can access any of the functions registered in lib/api/api/ajax.php, which also grant access to the jupiterx_api_ajax_ actions registered by the JupiterX Core Plugin. This includes the ability to deactivate arbitrary plugins as well as update the theme’s API key.

Affects Plugins

Fixed in 2.0.7

Affects Themes

Fixed in 2.0.7

References

CVE

URL

https://www.wordfence.com/blog/2022/05/critical-privilege-escalation-vulnerability-in-jupiter-and-jupiterx-premium-themes/

Classification

Type

ACCESS CONTROLS

OWASP top 10

A5: Broken Access Control

CWE

CVSS

Miscellaneous

Original Researcher

Ramuel Gall

Verified

Yes

WPVDB ID

d310f473-0cbb-4eee-af2d-d066183a6694

Timeline

Publicly Published

2022-05-18 (about 3 years ago)

Added

2022-05-18 (about 3 years ago)

Last Updated

2023-02-13 (about 3 years ago)

Other

Published

Title

Published

2024-04-08

Title

GamiPress < 6.8.9 - Broken Access Control

Published

2021-02-05

Title

Ultimate GDPR & CCPA Compliance Toolkit < 2.5 - Unauthenticated Plugin Settings Export and Import

Published

2024-03-19

Title

Coming Soon & Maintenance Mode by Colorlib <= 1.0.99 - Information Exposure

Published

2021-01-28

Title

uListing < 1.7 - Unauthenticated WordPress Options Change

Published

2022-06-28

Title

Custom Product Tabs for WooCommerce < 1.7.8 - Unauthenticated Toggle Content Setting Update