WordPress Plugin Vulnerabilities

WCFM Membership < 2.10.1 - Unauthenticated Privilege Escalation

Description

The plugin does not have authorisation in the wcfm_ajax_controller AJAX action, allowing unauthenticated attackers to change membership registration form and set the default role to administrator

Affects Plugins

Plugin icon
wc-multivendor-membership
Fixed in 2.10.1

References

CVE
CVE-2022-4939

Classification

Type
PRIVESC
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-269
CVSS
9.8 (critical)

Miscellaneous

Original Researcher
Chloe Chamberland
Verified
No
WPVDB ID
c7fb4ba5-e151-406b-947a-a879b9b7c02f

Timeline

Publicly Published
2023-04-05 (about 1 years ago)
Added
2023-04-06 (about 1 years ago)
Last Updated
2023-04-06 (about 1 years ago)

Other

Published
Title
Published
2019-11-07
Title
Funnel Builder by CartFlows < 1.3.1 - Authenticated Arbitrary Plugin Activation
Published
2016-02-18
Title
ElegantThemes - Privilege Escalation
Published
2022-02-01
Title
MasterStudy LMS < 2.7.6 - Unauthenticated Admin Account Creation
Published
2021-04-26
Title
Store Locator Plus < 5.9 - Authenticated Privilege Escalation
Published
2020-01-01
Title
Import Users From CSV with Meta 1.15 - Unauthorised Authenticated Users Export