PT-2023-11866 · WordPress · Wordable
Jerome Bruandet
·
Published
2023-06-07
·
Updated
2023-06-13
·
CVE-2020-36724
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Wordable plugin for WordPress versions up to, and including, 3.1.1
Description
The issue is related to authentication bypass due to the use of a user-supplied hashing algorithm passed to the
hash hmac() function and a loose comparison on the hash. This allows an attacker to trick the function into thinking it has a valid hash, making it possible for unauthenticated attackers to gain administrator privileges.Recommendations
For Wordable plugin for WordPress versions up to, and including, 3.1.1, update to a version later than 3.1.1 to resolve the issue.
Exploit
Fix
Authentication Bypass Using an Alternate Path or Channel
Missing Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Wordable