CVE-2024-5665 - OpenCVE

The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ‘export_settings’ function in versions 2.7.1 to 2.7.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read arbitrary options on affected sites.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Xootix	Login\/signup Popup

Configuration 1 [-]

cpe:2.3:a:xootix:login\/signup_popup:*:*:*:*:*:wordpress:*:*

References

Link	Resource
https://plugins.trac.wordpress.org/browser/easy-login-woocommerce/trunk/includes/xoo-framework/admin/class-xoo-admin-settings.php?rev=3084943#L69	Product
https://plugins.trac.wordpress.org/changeset/3093994/	Patch
https://www.wordfence.com/threat-intel/vulnerabilities/id/1a304e9a-9518-4a6a-b36a-963cb329f5c3?source=cve	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Wordfence

Published: 2024-06-06T07:37:11.794Z

Updated: 2024-06-10T14:04:13.895Z

Reserved: 2024-06-05T19:13:08.108Z

Link: CVE-2024-5665

JSON object: View

NVD Information

Status : Analyzed

Published: 2024-06-06T08:15:40.153

Modified: 2024-06-11T17:47:45.033

Link: CVE-2024-5665

JSON object: View

Redhat Information

No data.

CWE

CWE-862

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-5665", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2024-06-05T19:13:08.108Z", "datePublished": "2024-06-06T07:37:11.794Z", "dateUpdated": "2024-06-10T14:04:13.895Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-06-06T07:37:11.794Z"}, "affected": [{"vendor": "xootix", "product": "Login/Signup Popup ( Inline Form + Woocommerce )", "versions": [{"version": "2.7.1", "status": "affected", "lessThanOrEqual": "2.7.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the \u2018export_settings\u2019 function in versions 2.7.1 to 2.7.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read arbitrary options on affected sites."}], "title": "Login/Signup Popup ( Inline Form + Woocommerce ) 2.7.1 - 2.7.2 - Missing Authorization to Arbitrary Options Exposure", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1a304e9a-9518-4a6a-b36a-963cb329f5c3?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/easy-login-woocommerce/trunk/includes/xoo-framework/admin/class-xoo-admin-settings.php?rev=3084943#L69"}, {"url": "https://plugins.trac.wordpress.org/changeset/3093994/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "1337_Wannabe"}], "timeline": [{"time": "2024-06-05T19:24:25.000+00:00", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-10T14:04:06.884013Z", "id": "CVE-2024-5665", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-10T14:04:13.895Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:xootix:login\\/signup_popup:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "A69A037D-0C5F-4EBB-B1FB-2068124742A9", "versionEndExcluding": "2.7.3", "versionStartIncluding": "2.7.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the \u2018export_settings\u2019 function in versions 2.7.1 to 2.7.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read arbitrary options on affected sites."}, {"lang": "es", "value": "El complemento Login/Signup Popup (Inline Form + Woocommerce) para WordPress es vulnerable al acceso no autorizado a los datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n 'export_settings' en las versiones 2.7.1 a 2.7.2. Esto hace posible que atacantes autenticados, con acceso a nivel de suscriptor y superior, lean opciones arbitrarias en los sitios afectados."}], "id": "CVE-2024-5665", "lastModified": "2024-06-11T17:47:45.033", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2024-06-06T08:15:40.153", "references": [{"source": "security@wordfence.com", "tags": ["Product"], "url": "https://plugins.trac.wordpress.org/browser/easy-login-woocommerce/trunk/includes/xoo-framework/admin/class-xoo-admin-settings.php?rev=3084943#L69"}, {"source": "security@wordfence.com", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/changeset/3093994/"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1a304e9a-9518-4a6a-b36a-963cb329f5c3?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}]}