Search criteria
4 vulnerabilities found for fundengine by wpmet
CVE-2024-6698 (GCVE-0-2024-6698)
Vulnerability from nvd – Published: 2024-08-01 03:29 – Updated: 2024-08-01 14:10
VLAI?
Title
FundEngine – Donation and Crowdfunding Platform <= 1.7.0 - Authenticated (Subscriber+) Privilege Escalation
Summary
The FundEngine plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.7.0. This is due to the plugin not properly verifying user meta updated through the update_user_meta function. This makes it possible for authenticated attackers, with subscriber-level access and above, to update their user meta which can be leveraged to update their capabilities to gain administrator access.
Severity ?
8.8 (High)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| xpeedstudio | FundEngine – Donation and Crowdfunding Platform |
Affected:
* , ≤ 1.7.0
(semver)
|
Credits
Thanh Nam Tran
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:wpmet:wp_fundraising_donation_and_crowdfunding_platform:*:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unknown",
"product": "wp_fundraising_donation_and_crowdfunding_platform",
"vendor": "wpmet",
"versions": [
{
"lessThanOrEqual": "1.7.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6698",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-01T14:07:25.485872Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T14:10:21.095Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FundEngine \u2013 Donation and Crowdfunding Platform",
"vendor": "xpeedstudio",
"versions": [
{
"lessThanOrEqual": "1.7.0",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanh Nam Tran"
}
],
"descriptions": [
{
"lang": "en",
"value": "The FundEngine plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.7.0. This is due to the plugin not properly verifying user meta updated through the update_user_meta function. This makes it possible for authenticated attackers, with subscriber-level access and above, to update their user meta which can be leveraged to update their capabilities to gain administrator access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T03:29:58.918Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2ec6cf42-291b-452d-ad14-80ae1cd5ec5c?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3128099%40wp-fundraising-donation%2Ftrunk\u0026old=3072093%40wp-fundraising-donation%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2024-07-31T15:16:32.000+00:00",
"value": "Disclosed"
}
],
"title": "FundEngine \u2013 Donation and Crowdfunding Platform \u003c= 1.7.0 - Authenticated (Subscriber+) Privilege Escalation"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-6698",
"datePublished": "2024-08-01T03:29:58.918Z",
"dateReserved": "2024-07-11T15:47:40.488Z",
"dateUpdated": "2024-08-01T14:10:21.095Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0788 (GCVE-0-2022-0788)
Vulnerability from nvd – Published: 2022-06-06 08:50 – Updated: 2024-08-02 23:40
VLAI?
Title
WP Fundraising Donation and Crowdfunding Platform < 1.5.0 - Unauthenticated SQLi
Summary
The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitise and escape a parameter before using it in a SQL statement via one of it's REST route, leading to an SQL injection exploitable by unauthenticated users
Severity ?
No CVSS data available.
CWE
- CWE-89 - SQL Injection
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | WP Fundraising Donation and Crowdfunding Platform |
Affected:
1.5.0 , < 1.5.0
(custom)
|
Credits
cydave
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:40:04.349Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/fbc71710-123f-4c61-9796-a6a4fd354828"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WP Fundraising Donation and Crowdfunding Platform",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.5.0",
"status": "affected",
"version": "1.5.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "cydave"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitise and escape a parameter before using it in a SQL statement via one of it\u0027s REST route, leading to an SQL injection exploitable by unauthenticated users"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 SQL Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-11T12:55:30",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/fbc71710-123f-4c61-9796-a6a4fd354828"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WP Fundraising Donation and Crowdfunding Platform \u003c 1.5.0 - Unauthenticated SQLi",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2022-0788",
"STATE": "PUBLIC",
"TITLE": "WP Fundraising Donation and Crowdfunding Platform \u003c 1.5.0 - Unauthenticated SQLi"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WP Fundraising Donation and Crowdfunding Platform",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "1.5.0",
"version_value": "1.5.0"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "cydave"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitise and escape a parameter before using it in a SQL statement via one of it\u0027s REST route, leading to an SQL injection exploitable by unauthenticated users"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/fbc71710-123f-4c61-9796-a6a4fd354828",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/fbc71710-123f-4c61-9796-a6a4fd354828"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-0788",
"datePublished": "2022-06-06T08:50:51",
"dateReserved": "2022-02-28T00:00:00",
"dateUpdated": "2024-08-02T23:40:04.349Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6698 (GCVE-0-2024-6698)
Vulnerability from cvelistv5 – Published: 2024-08-01 03:29 – Updated: 2024-08-01 14:10
VLAI?
Title
FundEngine – Donation and Crowdfunding Platform <= 1.7.0 - Authenticated (Subscriber+) Privilege Escalation
Summary
The FundEngine plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.7.0. This is due to the plugin not properly verifying user meta updated through the update_user_meta function. This makes it possible for authenticated attackers, with subscriber-level access and above, to update their user meta which can be leveraged to update their capabilities to gain administrator access.
Severity ?
8.8 (High)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| xpeedstudio | FundEngine – Donation and Crowdfunding Platform |
Affected:
* , ≤ 1.7.0
(semver)
|
Credits
Thanh Nam Tran
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:wpmet:wp_fundraising_donation_and_crowdfunding_platform:*:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unknown",
"product": "wp_fundraising_donation_and_crowdfunding_platform",
"vendor": "wpmet",
"versions": [
{
"lessThanOrEqual": "1.7.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6698",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-01T14:07:25.485872Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T14:10:21.095Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FundEngine \u2013 Donation and Crowdfunding Platform",
"vendor": "xpeedstudio",
"versions": [
{
"lessThanOrEqual": "1.7.0",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanh Nam Tran"
}
],
"descriptions": [
{
"lang": "en",
"value": "The FundEngine plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.7.0. This is due to the plugin not properly verifying user meta updated through the update_user_meta function. This makes it possible for authenticated attackers, with subscriber-level access and above, to update their user meta which can be leveraged to update their capabilities to gain administrator access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T03:29:58.918Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2ec6cf42-291b-452d-ad14-80ae1cd5ec5c?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3128099%40wp-fundraising-donation%2Ftrunk\u0026old=3072093%40wp-fundraising-donation%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2024-07-31T15:16:32.000+00:00",
"value": "Disclosed"
}
],
"title": "FundEngine \u2013 Donation and Crowdfunding Platform \u003c= 1.7.0 - Authenticated (Subscriber+) Privilege Escalation"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-6698",
"datePublished": "2024-08-01T03:29:58.918Z",
"dateReserved": "2024-07-11T15:47:40.488Z",
"dateUpdated": "2024-08-01T14:10:21.095Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0788 (GCVE-0-2022-0788)
Vulnerability from cvelistv5 – Published: 2022-06-06 08:50 – Updated: 2024-08-02 23:40
VLAI?
Title
WP Fundraising Donation and Crowdfunding Platform < 1.5.0 - Unauthenticated SQLi
Summary
The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitise and escape a parameter before using it in a SQL statement via one of it's REST route, leading to an SQL injection exploitable by unauthenticated users
Severity ?
No CVSS data available.
CWE
- CWE-89 - SQL Injection
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | WP Fundraising Donation and Crowdfunding Platform |
Affected:
1.5.0 , < 1.5.0
(custom)
|
Credits
cydave
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:40:04.349Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/fbc71710-123f-4c61-9796-a6a4fd354828"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WP Fundraising Donation and Crowdfunding Platform",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.5.0",
"status": "affected",
"version": "1.5.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "cydave"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitise and escape a parameter before using it in a SQL statement via one of it\u0027s REST route, leading to an SQL injection exploitable by unauthenticated users"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 SQL Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-11T12:55:30",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/fbc71710-123f-4c61-9796-a6a4fd354828"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WP Fundraising Donation and Crowdfunding Platform \u003c 1.5.0 - Unauthenticated SQLi",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2022-0788",
"STATE": "PUBLIC",
"TITLE": "WP Fundraising Donation and Crowdfunding Platform \u003c 1.5.0 - Unauthenticated SQLi"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WP Fundraising Donation and Crowdfunding Platform",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "1.5.0",
"version_value": "1.5.0"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "cydave"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitise and escape a parameter before using it in a SQL statement via one of it\u0027s REST route, leading to an SQL injection exploitable by unauthenticated users"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/fbc71710-123f-4c61-9796-a6a4fd354828",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/fbc71710-123f-4c61-9796-a6a4fd354828"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-0788",
"datePublished": "2022-06-06T08:50:51",
"dateReserved": "2022-02-28T00:00:00",
"dateUpdated": "2024-08-02T23:40:04.349Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}