SecuriTricks - CVE-2024-6397

Description

The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 0.1.0.44. This is due to insufficient verification of the API key. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username, and to perform a variety of other administrative tasks. NOTE: This vulnerability was partially fixed in 0.1.0.44, but was still exploitable via Cross-Site Request Forgery.

Product(s) Impacted

Product	Versions
InstaWP Connect - 1-click WP Staging & Migration plugin for WordPress	['up to 0.1.0.44']

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://plugins.trac.wordpress.org/browser/instawp-connect/tags/0.1.0.43/includes/apis/class-instawp-rest-api.php#L256

https://plugins.trac.wordpress.org/browser/instawp-connect/tags/0.1.0.43/includes/class-instawp-hooks.php#L28

https://plugins.trac.wordpress.org/browser/instawp-connect/tags/0.1.0.43/includes/class-instawp-hooks.php#L40

https://plugins.trac.wordpress.org/changeset/3109305/

https://plugins.trac.wordpress.org/changeset/3114674/

https://www.wordfence.com/threat-intel/vulnerabilities/id/963f2485-3afa-4e17-8278-b75415af3915?source=cve

CVSS Score

9.8 / 10

CVSS Data - 3.1

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

View Vector String

Timeline

Published: July 11, 2024, 4:15 a.m.
Last Modified: July 11, 2024, 1:05 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

security@wordfence.com

CVE-2024-6397