WordPress Plugin Vulnerabilities

AMP for WP < 1.0.93.2 - Authenticated(Contributor+) Arbitrary Post Deletion via amppb_remove_saved_layout_data

Description

The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'amppb_remove_saved_layout_data' function in all versions up to, and including, 1.0.93.1. This makes it possible for authenticated attackers, with contributor access and above, to delete arbitrary posts on the site.

Affects Plugins

Plugin icon
accelerated-mobile-pages
Fixed in 1.0.93.2

References

CVE
CVE-2024-1043
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/ffb70e82-355b-48f3-92d0-19659ed2550e

Classification

Type
ACCESS CONTROLS
OWASP top 10
A5: Broken Access Control
CWE
CWE-284
CVSS
6.5 (medium)

Miscellaneous

Original Researcher
Sean Murphy
Verified
No
WPVDB ID
dbeacc0a-7b5a-4fe3-876d-decf7db0453b

Timeline

Publicly Published
2024-02-06 (about 2 years ago)
Added
2024-02-09 (about 2 years ago)
Last Updated
2024-02-09 (about 2 years ago)

Other

Published
Title
Published
2022-06-27
Title
miniOrange's Google Authenticator < 5.5.75 - Reflected Cross-Site Scripting
Published
2022-01-05
Title
SupportCandy < 2.2.5 - Unauthenticated Arbitrary Ticket Deletion
Published
2022-07-26
Title
WPGraphQL WooCommerce < 0.12.4 - Unauthenticated Coupon Codes Disclosure
Published
2024-02-27
Title
WordPress Access Control <= 4.0.13 - Improper Access Control to Sensitive Information Exposure via REST API
Published
2024-04-15
Title
Simple Registration for WooCommerce < 1.5.7 - Unauthenticated Privilege Escalation