WordPress Plugin Vulnerabilities

wpDataTables < 3.4.2 - Improper Access Control leading to Table Data Deletion

Description

The plugin has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to delete the data of another user that are present in the same table through id_key and id_val parameters. By exploiting this issue an attacker is able to delete the data of all users in the same table.

Note: This affect the premium version of the plugin, however, both the premium and free plugins have the same slug.

Affects Plugins

Plugin icon
wpdatatables
Fixed in 3.4.2

References

CVE
CVE-2021-24198
URL
https://n4nj0.github.io/advisories/wordpress-plugin-wpdatatables-ii/
URL
https://wpdatatables.com/help/whats-new-changelog/

Classification

Type
ACCESS CONTROLS
OWASP top 10
A5: Broken Access Control
CWE
CWE-284
CVSS
6.5 (medium)

Miscellaneous

Original Researcher
Veno Eivazian, Massimiliano Ferraresi
Submitter
Veno Eivazian
Submitter website
https://n4nj0.github.io/
Verified
Yes
WPVDB ID
d953bc62-8a6f-445b-a556-bc25cdd200e3

Timeline

Publicly Published
2021-03-16 (about 3 years ago)
Added
2021-03-25 (about 3 years ago)
Last Updated
2021-03-28 (about 3 years ago)

Other

Published
Title
Published
2024-03-19
Title
Coming Soon & Maintenance Mode by Colorlib <= 1.0.99 - Information Exposure
Published
2023-10-09
Title
Campaign Monitor Forms < 2.5.6 - Subscriber+ Arbitrary Options Update
Published
2022-06-27
Title
miniOrange's Google Authenticator < 5.5.75 - Reflected Cross-Site Scripting
Published
2020-08-04
Title
CMP - Coming Soon & Maintenance < 3.8.2 - Improper Access Controls on AJAX Calls
Published
2015-02-22
Title
Quasar Theme Rock Form Builder plugin - Privilege Escalation