CWE-862
Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
CVE-2024-13060 (GCVE-0-2024-13060)
Vulnerability from cvelistv5 – Published: 2025-03-20 10:08 – Updated: 2025-10-15 12:49
VLAI
Title
Improper Authorization in mintplex-labs/anything-llm
Summary
A vulnerability in AnythingLLM Docker version 1.3.1 allows users with 'Default' permission to access other users' profile pictures by changing the 'id' parameter in the user cookie. This issue is present in versions prior to 1.3.1.
Severity
4.3 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| mintplex-labs | mintplex-labs/anything-llm |
Affected:
unspecified , < 1.3.1
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13060",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T14:30:29.981357Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T14:31:59.970Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://huntr.com/bounties/98a49c90-e095-441f-900c-59d463dc8e8f"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "mintplex-labs/anything-llm",
"vendor": "mintplex-labs",
"versions": [
{
"lessThan": "1.3.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in AnythingLLM Docker version 1.3.1 allows users with \u0027Default\u0027 permission to access other users\u0027 profile pictures by changing the \u0027id\u0027 parameter in the user cookie. This issue is present in versions prior to 1.3.1."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T12:49:34.786Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.com/bounties/98a49c90-e095-441f-900c-59d463dc8e8f"
},
{
"url": "https://github.com/mintplex-labs/anything-llm/commit/696af19c45473172ad4d3ca749281800a4d1a45a"
}
],
"source": {
"advisory": "98a49c90-e095-441f-900c-59d463dc8e8f",
"discovery": "EXTERNAL"
},
"title": "Improper Authorization in mintplex-labs/anything-llm"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntr_ai",
"cveId": "CVE-2024-13060",
"datePublished": "2025-03-20T10:08:46.465Z",
"dateReserved": "2024-12-30T22:30:53.491Z",
"dateUpdated": "2025-10-15T12:49:34.786Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-1318 (GCVE-0-2024-1318)
Vulnerability from cvelistv5 – Published: 2024-02-20 18:56 – Updated: 2026-04-08 16:37
VLAI
Title
RSS Aggregator by Feedzy <= 4.4.2 - Missing Authorization to Arbitrary Page Creation and Publication
Summary
The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'feedzy_wizard_step_process' and 'import_status' functions in all versions up to, and including, 4.4.2. This makes it possible for authenticated attackers, with Contributor access and above, who are normally restricted to only being able to create posts rather than pages, to draft and publish posts with arbitrary content.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| themeisle | RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator |
Affected:
0 , ≤ 4.4.2
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1318",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-05T20:19:20.521908Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-22T16:25:08.275Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:33:25.377Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/181edcec-a57d-4516-935d-6777d2de77ae?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/feedzy-rss-feeds/tags/4.4.2/includes/admin/feedzy-rss-feeds-import.php#L1022"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/feedzy-rss-feeds/tags/4.4.2/includes/admin/feedzy-rss-feeds-admin.php#L1053"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/3033749/feedzy-rss-feeds/tags/4.4.3/includes/admin/feedzy-rss-feeds-admin.php?old=3030538\u0026old_path=feedzy-rss-feeds%2Ftags%2F4.4.2%2Fincludes%2Fadmin%2Ffeedzy-rss-feeds-admin.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "RSS Aggregator by Feedzy \u2013 Feed to Post, Autoblogging, News \u0026 YouTube Video Feeds Aggregator",
"vendor": "themeisle",
"versions": [
{
"lessThanOrEqual": "4.4.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lucio S\u00e1"
}
],
"descriptions": [
{
"lang": "en",
"value": "The RSS Aggregator by Feedzy \u2013 Feed to Post, Autoblogging, News \u0026 YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the \u0027feedzy_wizard_step_process\u0027 and \u0027import_status\u0027 functions in all versions up to, and including, 4.4.2. This makes it possible for authenticated attackers, with Contributor access and above, who are normally restricted to only being able to create posts rather than pages, to draft and publish posts with arbitrary content."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:37:35.368Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/181edcec-a57d-4516-935d-6777d2de77ae?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/feedzy-rss-feeds/tags/4.4.2/includes/admin/feedzy-rss-feeds-import.php#L1022"
},
{
"url": "https://plugins.trac.wordpress.org/browser/feedzy-rss-feeds/tags/4.4.2/includes/admin/feedzy-rss-feeds-admin.php#L1053"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3033749/feedzy-rss-feeds/tags/4.4.3/includes/admin/feedzy-rss-feeds-admin.php?old=3030538\u0026old_path=feedzy-rss-feeds%2Ftags%2F4.4.2%2Fincludes%2Fadmin%2Ffeedzy-rss-feeds-admin.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-02-09T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "RSS Aggregator by Feedzy \u003c= 4.4.2 - Missing Authorization to Arbitrary Page Creation and Publication"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-1318",
"datePublished": "2024-02-20T18:56:21.078Z",
"dateReserved": "2024-02-07T16:38:39.144Z",
"dateUpdated": "2026-04-08T16:37:35.368Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-13203 (GCVE-0-2024-13203)
Vulnerability from cvelistv5 – Published: 2025-01-09 02:00 – Updated: 2025-01-09 16:31
VLAI
Title
kurniaramadhan E-Commerce-PHP cross-site request forgery
Summary
A vulnerability was found in kurniaramadhan E-Commerce-PHP 1.0. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Severity
4.3 (Medium)
4.3 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.290796 | vdb-entry |
| https://vuldb.com/?ctiid.290796 | signaturepermissions-required |
| https://www.websecurityinsights.my.id/2024/12/eco… | related |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| kurniaramadhan | E-Commerce-PHP |
Affected:
1.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13203",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-09T16:30:56.936126Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T16:31:24.978Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://www.websecurityinsights.my.id/2024/12/ecommerce-php-by-kurniaramadhan-sql.html?m=1"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "E-Commerce-PHP",
"vendor": "kurniaramadhan",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in kurniaramadhan E-Commerce-PHP 1.0. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Es wurde eine problematische Schwachstelle in kurniaramadhan E-Commerce-PHP 1.0 ausgemacht. Hiervon betroffen ist ein unbekannter Codeblock. Dank der Manipulation mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "Cross-Site Request Forgery",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T02:00:15.952Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-290796 | kurniaramadhan E-Commerce-PHP cross-site request forgery",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.290796"
},
{
"name": "VDB-290796 | CTI Indicators (IOB, IOC)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.290796"
},
{
"tags": [
"related"
],
"url": "https://www.websecurityinsights.my.id/2024/12/ecommerce-php-by-kurniaramadhan-sql.html?m=1"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-01-08T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-01-08T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-01-08T16:03:45.000Z",
"value": "VulDB entry last update"
}
],
"title": "kurniaramadhan E-Commerce-PHP cross-site request forgery"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-13203",
"datePublished": "2025-01-09T02:00:15.952Z",
"dateReserved": "2025-01-08T14:58:34.252Z",
"dateUpdated": "2025-01-09T16:31:24.978Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-1322 (GCVE-0-2024-1322)
Vulnerability from cvelistv5 – Published: 2024-02-20 18:56 – Updated: 2026-04-08 17:14
VLAI
Title
Directorist <= 7.8.4 - Missing Authorization to Unauthenticated Settings Change
Summary
The Directorist – WordPress Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'setup_wizard' function in all versions up to, and including, 7.8.4. This makes it possible for unauthenticated attackers to recreate default pages and enable or disable monetization and change map provider.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| wpwax | Directorist: AI-Powered Business Directory, Listings & Classified Ads |
Affected:
0 , ≤ 7.8.4
(semver)
|
|
| wpwax | directorist |
Affected:
0 , < 7.8.5
(semver)
cpe:2.3:a:wpwax:directorist:*:*:*:*:*:wordpress:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:33:25.393Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/aa26e958-4850-451b-88eb-d48fc0c7feb7?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/directorist/tags/7.8.4/includes/classes/class-setup-wizard.php#L300"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fdirectorist%2Ftags%2F7.8.4\u0026old=3034765\u0026new_path=%2Fdirectorist%2Ftags%2F7.8.5\u0026new=3034765\u0026sfp_email=\u0026sfph_mail="
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:wpwax:directorist:*:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unknown",
"product": "directorist",
"vendor": "wpwax",
"versions": [
{
"lessThan": "7.8.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1322",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-08T18:49:05.612519Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T18:50:04.943Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Directorist: AI-Powered Business Directory, Listings \u0026 Classified Ads",
"vendor": "wpwax",
"versions": [
{
"lessThanOrEqual": "7.8.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lucio S\u00e1"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Directorist \u2013 WordPress Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the \u0027setup_wizard\u0027 function in all versions up to, and including, 7.8.4. This makes it possible for unauthenticated attackers to recreate default pages and enable or disable monetization and change map provider."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:14:18.611Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/aa26e958-4850-451b-88eb-d48fc0c7feb7?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/directorist/tags/7.8.4/includes/classes/class-setup-wizard.php#L300"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fdirectorist%2Ftags%2F7.8.4\u0026old=3034765\u0026new_path=%2Fdirectorist%2Ftags%2F7.8.5\u0026new=3034765\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2024-02-12T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Directorist \u003c= 7.8.4 - Missing Authorization to Unauthenticated Settings Change"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-1322",
"datePublished": "2024-02-20T18:56:39.030Z",
"dateReserved": "2024-02-07T17:38:16.482Z",
"dateUpdated": "2026-04-08T17:14:18.611Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-13231 (GCVE-0-2024-13231)
Vulnerability from cvelistv5 – Published: 2025-02-19 08:21 – Updated: 2026-04-08 16:43
VLAI
Title
WordPress Portfolio Builder – Portfolio Gallery <= 1.1.7 - Missing Authorization to Unauthenticated Portfolio Update
Summary
The WordPress Portfolio Builder – Portfolio Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'add_video' function in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated attackers to add arbitrary videos to any portfolio gallery.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| portfoliohub | WordPress Portfolio Builder – Portfolio Gallery |
Affected:
0 , ≤ 1.1.7
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13231",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-19T15:30:46.388517Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-19T15:30:55.558Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WordPress Portfolio Builder \u2013 Portfolio Gallery",
"vendor": "portfoliohub",
"versions": [
{
"lessThanOrEqual": "1.1.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Khayal Farzaliyev"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WordPress Portfolio Builder \u2013 Portfolio Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the \u0027add_video\u0027 function in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated attackers to add arbitrary videos to any portfolio gallery."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:43:12.717Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/28d9ab98-c1ab-45ee-a371-6598a8347b10?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/uber-grid/tags/1.1.7/src/Admin.php#L14"
},
{
"url": "https://plugins.trac.wordpress.org/browser/uber-grid/tags/1.1.7/src/Admin.php#L76"
},
{
"url": "https://plugins.trac.wordpress.org/browser/uber-grid/tags/1.1.7/src/Admin.php#L86"
},
{
"url": "https://plugins.trac.wordpress.org/browser/uber-grid/tags/1.1.7/src/Admin.php#L149"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-18T19:35:27.000Z",
"value": "Disclosed"
}
],
"title": "WordPress Portfolio Builder \u2013 Portfolio Gallery \u003c= 1.1.7 - Missing Authorization to Unauthenticated Portfolio Update"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-13231",
"datePublished": "2025-02-19T08:21:45.528Z",
"dateReserved": "2025-01-09T01:07:47.843Z",
"dateUpdated": "2026-04-08T16:43:12.717Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-13232 (GCVE-0-2024-13232)
Vulnerability from cvelistv5 – Published: 2025-03-05 09:21 – Updated: 2026-04-08 17:32
VLAI
Title
WordPress Awesome Import & Export Plugin - Import & Export WordPress Data <= 4.1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary SQL Execution/Privilege Escalation
Summary
The WordPress Awesome Import & Export Plugin - Import & Export WordPress Data plugin for WordPress is vulnerable arbitrary SQL Execution and privilege escalation due to a missing capability check on the renderImport() function in all versions up to, and including, 4.1.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary SQL statements that can leveraged to create a new administrative user account.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ddeveloper | WordPress Awesome Import & Export Plugin - Import & Export WordPress Data |
Affected:
0 , ≤ 4.1.1
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13232",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T14:51:44.026682Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T14:52:07.832Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WordPress Awesome Import \u0026 Export Plugin - Import \u0026 Export WordPress Data",
"vendor": "ddeveloper",
"versions": [
{
"lessThanOrEqual": "4.1.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tr\u01b0\u01a1ng H\u1eefu Ph\u00fac (truonghuuphuc)"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WordPress Awesome Import \u0026 Export Plugin - Import \u0026 Export WordPress Data plugin for WordPress is vulnerable arbitrary SQL Execution and privilege escalation due to a missing capability check on the renderImport() function in all versions up to, and including, 4.1.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary SQL statements that can leveraged to create a new administrative user account."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:32:37.448Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f24f0673-b5c8-4086-8795-692228a413af?source=cve"
},
{
"url": "https://codecanyon.net/item/wordpress-awesome-import-export-plugin-v-24/12896266"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-03-04T21:05:07.000Z",
"value": "Disclosed"
}
],
"title": "WordPress Awesome Import \u0026 Export Plugin - Import \u0026 Export WordPress Data \u003c= 4.1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary SQL Execution/Privilege Escalation"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-13232",
"datePublished": "2025-03-05T09:21:50.957Z",
"dateReserved": "2025-01-09T15:58:09.506Z",
"dateUpdated": "2026-04-08T17:32:37.448Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-1324 (GCVE-0-2024-1324)
Vulnerability from cvelistv5 – Published: 2024-06-01 06:51 – Updated: 2026-04-08 17:31
VLAI
Title
QQWorld Auto Save Images <= 1.9.8 - Missing Authorization to Arbitrary Post Content Retrieval
Summary
The QQWorld Auto Save Images plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the save_remote_images_get_auto_saved_results() function hooked via a norpriv AJAX in all versions up to, and including, 1.9.8. This makes it possible for unauthenticated attackers to retrieve the contents of arbitrary posts that may not be public.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| qqworld | QQWorld Auto Save Images |
Affected:
0 , ≤ 1.9.8
(semver)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:33:25.402Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ed82f527-b7af-4466-a977-855f109ed997?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/qqworld-auto-save-images/trunk/qqworld-auto-save-images.php#L417"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1324",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-03T15:13:14.588716Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T15:01:49.502Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QQWorld Auto Save Images",
"vendor": "qqworld",
"versions": [
{
"lessThanOrEqual": "1.9.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Francesco Carlucci"
}
],
"descriptions": [
{
"lang": "en",
"value": "The QQWorld Auto Save Images plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the save_remote_images_get_auto_saved_results() function hooked via a norpriv AJAX in all versions up to, and including, 1.9.8. This makes it possible for unauthenticated attackers to retrieve the contents of arbitrary posts that may not be public."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:31:37.369Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ed82f527-b7af-4466-a977-855f109ed997?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/qqworld-auto-save-images/trunk/qqworld-auto-save-images.php#L417"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-05-31T18:47:13.000Z",
"value": "Disclosed"
}
],
"title": "QQWorld Auto Save Images \u003c= 1.9.8 - Missing Authorization to Arbitrary Post Content Retrieval"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-1324",
"datePublished": "2024-06-01T06:51:52.577Z",
"dateReserved": "2024-02-07T17:52:21.949Z",
"dateUpdated": "2026-04-08T17:31:37.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-13243 (GCVE-0-2024-13243)
Vulnerability from cvelistv5 – Published: 2025-01-09 18:49 – Updated: 2025-01-10 17:11
VLAI
Title
Entity Delete Log - Moderately critical - Access bypass - SA-CONTRIB-2024-007
Summary
Missing Authorization vulnerability in Drupal Entity Delete Log allows Forceful Browsing.This issue affects Entity Delete Log: from 0.0.0 before 1.1.1.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Drupal | Entity Delete Log |
Affected:
0.0.0 , < 1.1.1
(semver)
|
Date Public
2024-01-31 17:22
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-13243",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-10T17:11:10.908831Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T17:11:34.905Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.drupal.org/project/entity_delete_log",
"defaultStatus": "unaffected",
"product": "Entity Delete Log",
"repo": "https://git.drupalcode.org/project/entity_delete_log",
"vendor": "Drupal",
"versions": [
{
"lessThan": "1.1.1",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ryan Szrama"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Malay Nayak"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Virendra Singh"
},
{
"lang": "en",
"type": "coordinator",
"value": "Greg Knaddison"
},
{
"lang": "en",
"type": "coordinator",
"value": "Heine"
},
{
"lang": "en",
"type": "coordinator",
"value": "Benji Fisher"
}
],
"datePublic": "2024-01-31T17:22:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing Authorization vulnerability in Drupal Entity Delete Log allows Forceful Browsing.\u003cp\u003eThis issue affects Entity Delete Log: from 0.0.0 before 1.1.1.\u003c/p\u003e"
}
],
"value": "Missing Authorization vulnerability in Drupal Entity Delete Log allows Forceful Browsing.This issue affects Entity Delete Log: from 0.0.0 before 1.1.1."
}
],
"impacts": [
{
"capecId": "CAPEC-87",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-87 Forceful Browsing"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T18:49:49.688Z",
"orgId": "2c85b837-eb8b-40ed-9d74-228c62987387",
"shortName": "drupal"
},
"references": [
{
"url": "https://www.drupal.org/sa-contrib-2024-007"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Entity Delete Log - Moderately critical - Access bypass - SA-CONTRIB-2024-007",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2c85b837-eb8b-40ed-9d74-228c62987387",
"assignerShortName": "drupal",
"cveId": "CVE-2024-13243",
"datePublished": "2025-01-09T18:49:49.688Z",
"dateReserved": "2025-01-09T18:27:05.261Z",
"dateUpdated": "2025-01-10T17:11:34.905Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-1328 (GCVE-0-2024-1328)
Vulnerability from cvelistv5 – Published: 2024-03-12 08:34 – Updated: 2026-04-08 17:01
VLAI
Title
Newsletter2Go <= 4.0.14 - Authenticated(Subscriber+) Stored Cross-Site Scripting via style
Summary
The Newsletter2Go plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘style’ parameter in all versions up to, and including, 4.0.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity
6.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| newsletter2go | Newsletter2Go |
Affected:
0 , ≤ 4.0.14
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1328",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-12T16:10:30.800048Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:59:24.388Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:33:25.445Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/766ac399-7280-4186-8972-94da813da85e?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/newsletter2go/tags/4.0.13/gui/N2Go_Gui.php#L296"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Newsletter2Go",
"vendor": "newsletter2go",
"versions": [
{
"lessThanOrEqual": "4.0.14",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Francesco Carlucci"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Newsletter2Go plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018style\u2019 parameter in all versions up to, and including, 4.0.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:01:29.634Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/766ac399-7280-4186-8972-94da813da85e?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/newsletter2go/tags/4.0.13/gui/N2Go_Gui.php#L296"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-03-11T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Newsletter2Go \u003c= 4.0.14 - Authenticated(Subscriber+) Stored Cross-Site Scripting via style"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-1328",
"datePublished": "2024-03-12T08:34:16.896Z",
"dateReserved": "2024-02-07T18:57:13.931Z",
"dateUpdated": "2026-04-08T17:01:29.634Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-13303 (GCVE-0-2024-13303)
Vulnerability from cvelistv5 – Published: 2025-01-09 20:24 – Updated: 2025-01-10 17:55
VLAI
Title
Download All Files - Critical - Access bypass - SA-CONTRIB-2024-069
Summary
Missing Authorization vulnerability in Drupal Download All Files allows Forceful Browsing.This issue affects Download All Files: from 0.0.0 before 2.0.2.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Drupal | Download All Files |
Affected:
0.0.0 , < 2.0.2
(semver)
|
Date Public
2024-12-04 15:13
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-13303",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-10T17:54:25.974326Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T17:55:12.067Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.drupal.org/project/download_all_files",
"defaultStatus": "unaffected",
"product": "Download All Files",
"repo": "https://git.drupalcode.org/project/download_all_files",
"vendor": "Drupal",
"versions": [
{
"lessThan": "2.0.2",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Pierre Rudloff"
},
{
"lang": "en",
"type": "finder",
"value": "Jeroen Tubex"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Jeroen Tubex"
},
{
"lang": "en",
"type": "remediation developer",
"value": "striknin"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Giuseppe"
},
{
"lang": "en",
"type": "coordinator",
"value": "Greg Knaddison"
},
{
"lang": "en",
"type": "coordinator",
"value": "Damien McKenna"
},
{
"lang": "en",
"type": "coordinator",
"value": "Ivo Van Geertruyen"
}
],
"datePublic": "2024-12-04T15:13:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing Authorization vulnerability in Drupal Download All Files allows Forceful Browsing.\u003cp\u003eThis issue affects Download All Files: from 0.0.0 before 2.0.2.\u003c/p\u003e"
}
],
"value": "Missing Authorization vulnerability in Drupal Download All Files allows Forceful Browsing.This issue affects Download All Files: from 0.0.0 before 2.0.2."
}
],
"impacts": [
{
"capecId": "CAPEC-87",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-87 Forceful Browsing"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T20:24:30.952Z",
"orgId": "2c85b837-eb8b-40ed-9d74-228c62987387",
"shortName": "drupal"
},
"references": [
{
"url": "https://www.drupal.org/sa-contrib-2024-069"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Download All Files - Critical - Access bypass - SA-CONTRIB-2024-069",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2c85b837-eb8b-40ed-9d74-228c62987387",
"assignerShortName": "drupal",
"cveId": "CVE-2024-13303",
"datePublished": "2025-01-09T20:24:30.952Z",
"dateReserved": "2025-01-09T18:28:39.204Z",
"dateUpdated": "2025-01-10T17:55:12.067Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phase: Architecture and Design
Description:
- Divide the product into anonymous, normal, privileged, and administrative areas. Reduce the attack surface by carefully mapping roles with data and functionality. Use role-based access control (RBAC) [REF-229] to enforce the roles at the appropriate boundaries.
- Note that this approach may not protect against horizontal authorization, i.e., it will not protect a user from attacking others with the same role.
Mitigation
Phase: Architecture and Design
Description:
- Ensure that access control checks are performed related to the business logic. These checks may be different than the access control checks that are applied to more generic resources such as files, connections, processes, memory, and database records. For example, a database may restrict access for medical records to a specific database user, but each record might only be intended to be accessible to the patient and the patient's doctor [REF-7].
Mitigation ID: MIT-4.4
Phase: Architecture and Design
Strategy: Libraries or Frameworks
Description:
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, consider using authorization frameworks such as the JAAS Authorization Framework [REF-233] and the OWASP ESAPI Access Control feature [REF-45].
Mitigation
Phase: Architecture and Design
Description:
- For web applications, make sure that the access control mechanism is enforced correctly at the server side on every page. Users should not be able to access any unauthorized functionality or information by simply requesting direct access to that page.
- One way to do this is to ensure that all pages containing sensitive information are not cached, and that all such pages restrict access to requests that are accompanied by an active and authenticated session token associated with a user who has the required permissions to access that page.
Mitigation
Phases: System Configuration, Installation
Description:
- Use the access control capabilities of your operating system and server environment and define your access control lists accordingly. Use a "default deny" policy when defining these ACLs.
CAPEC-665: Exploitation of Thunderbolt Protection Flaws
An adversary leverages a firmware weakness within the Thunderbolt protocol, on a computing device to manipulate Thunderbolt controller firmware in order to exploit vulnerabilities in the implementation of authorization and verification schemes within Thunderbolt protection mechanisms. Upon gaining physical access to a target device, the adversary conducts high-level firmware manipulation of the victim Thunderbolt controller SPI (Serial Peripheral Interface) flash, through the use of a SPI Programing device and an external Thunderbolt device, typically as the target device is booting up. If successful, this allows the adversary to modify memory, subvert authentication mechanisms, spoof identities and content, and extract data and memory from the target device. Currently 7 major vulnerabilities exist within Thunderbolt protocol with 9 attack vectors as noted in the Execution Flow.