CVE-2024-5468 (GCVE-0-2024-5468)

Vulnerability from cvelistv5 – Published: 2024-06-12 08:33 – Updated: 2024-08-01 21:11
VLAI?
Title
WordPress Header Builder Plugin – Pearl <= 1.3.7 - Missing Authorization to Unauthenticated Arbitrary Site Options Deletion
Summary
The WordPress Header Builder Plugin – Pearl plugin for WordPress is vulnerable to unauthorized site option deletion due to a missing validation and capability checks on the stm_hb_delete() function in all versions up to, and including, 1.3.7. This makes it possible for unauthenticated attackers to delete arbitrary options that can be used to perform a denial of service attack on a site.
Severity ?
6.5 (Medium)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
CWE
Assigner
References
Impacted products
Vendor Product Version
stylemix WordPress Header Builder Plugin – Pearl Affected: * , ≤ 1.3.7 (semver)
Create a notification for this product.
Credits
Lucio Sá
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-5468",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-12T13:15:52.268856Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-12T13:16:03.562Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:11:12.871Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c2e770e0-1a39-4946-838b-4fd1f1dea1c8?source=cve"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://plugins.trac.wordpress.org/browser/pearl-header-builder/tags/1.3.7/includes/helpers.php#L304"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "WordPress Header Builder Plugin \u2013 Pearl",
          "vendor": "stylemix",
          "versions": [
            {
              "lessThanOrEqual": "1.3.7",
              "status": "affected",
              "version": "*",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Lucio S\u00e1"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The WordPress Header Builder Plugin \u2013 Pearl plugin for WordPress is vulnerable to unauthorized site option deletion due to a missing validation and capability checks on the stm_hb_delete() function in all versions up to, and including, 1.3.7. This makes it possible for unauthenticated attackers to delete arbitrary options that can be used to perform a denial of service attack on a site."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-862 Missing Authorization",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-12T08:33:19.554Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c2e770e0-1a39-4946-838b-4fd1f1dea1c8?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/pearl-header-builder/tags/1.3.7/includes/helpers.php#L304"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-05-21T00:00:00.000+00:00",
          "value": "Discovered"
        },
        {
          "lang": "en",
          "time": "2024-06-11T20:05:56.000+00:00",
          "value": "Disclosed"
        }
      ],
      "title": "WordPress Header Builder Plugin \u2013 Pearl \u003c= 1.3.7 - Missing Authorization to Unauthenticated Arbitrary Site Options Deletion"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2024-5468",
    "datePublished": "2024-06-12T08:33:19.554Z",
    "dateReserved": "2024-05-29T12:28:42.067Z",
    "dateUpdated": "2024-08-01T21:11:12.871Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-5468\",\"sourceIdentifier\":\"security@wordfence.com\",\"published\":\"2024-06-12T09:15:21.910\",\"lastModified\":\"2024-11-21T09:47:44.527\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The WordPress Header Builder Plugin \u2013 Pearl plugin for WordPress is vulnerable to unauthorized site option deletion due to a missing validation and capability checks on the stm_hb_delete() function in all versions up to, and including, 1.3.7. This makes it possible for unauthenticated attackers to delete arbitrary options that can be used to perform a denial of service attack on a site.\"},{\"lang\":\"es\",\"value\":\"El complemento WordPress Header Builder Plugin \u2013 Pearl para WordPress es vulnerable a la eliminaci\u00f3n no autorizada de opciones de sitio debido a una falta de validaci\u00f3n y comprobaciones de capacidad en la funci\u00f3n stm_hb_delete() en todas las versiones hasta la 1.3.7 incluida. Esto hace posible que atacantes no autenticados eliminen opciones arbitrarias que pueden usarse para realizar un ataque de denegaci\u00f3n de servicio en un sitio.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@wordfence.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":2.5}]},\"references\":[{\"url\":\"https://plugins.trac.wordpress.org/browser/pearl-header-builder/tags/1.3.7/includes/helpers.php#L304\",\"source\":\"security@wordfence.com\"},{\"url\":\"https://www.wordfence.com/threat-intel/vulnerabilities/id/c2e770e0-1a39-4946-838b-4fd1f1dea1c8?source=cve\",\"source\":\"security@wordfence.com\"},{\"url\":\"https://plugins.trac.wordpress.org/browser/pearl-header-builder/tags/1.3.7/includes/helpers.php#L304\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.wordfence.com/threat-intel/vulnerabilities/id/c2e770e0-1a39-4946-838b-4fd1f1dea1c8?source=cve\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-5468\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-06-12T13:15:52.268856Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-06-12T13:15:59.777Z\"}}], \"cna\": {\"title\": \"WordPress Header Builder Plugin \\u2013 Pearl \u003c= 1.3.7 - Missing Authorization to Unauthenticated Arbitrary Site Options Deletion\", \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Lucio S\\u00e1\"}], \"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\"}}], \"affected\": [{\"vendor\": \"stylemix\", \"product\": \"WordPress Header Builder Plugin \\u2013 Pearl\", \"versions\": [{\"status\": \"affected\", \"version\": \"*\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"1.3.7\"}], \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-05-21T00:00:00.000+00:00\", \"value\": \"Discovered\"}, {\"lang\": \"en\", \"time\": \"2024-06-11T20:05:56.000+00:00\", \"value\": \"Disclosed\"}], \"references\": [{\"url\": \"https://www.wordfence.com/threat-intel/vulnerabilities/id/c2e770e0-1a39-4946-838b-4fd1f1dea1c8?source=cve\"}, {\"url\": \"https://plugins.trac.wordpress.org/browser/pearl-header-builder/tags/1.3.7/includes/helpers.php#L304\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The WordPress Header Builder Plugin \\u2013 Pearl plugin for WordPress is vulnerable to unauthorized site option deletion due to a missing validation and capability checks on the stm_hb_delete() function in all versions up to, and including, 1.3.7. This makes it possible for unauthenticated attackers to delete arbitrary options that can be used to perform a denial of service attack on a site.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-862 Missing Authorization\"}]}], \"providerMetadata\": {\"orgId\": \"b15e7b5b-3da4-40ae-a43c-f7aa60e62599\", \"shortName\": \"Wordfence\", \"dateUpdated\": \"2024-06-12T08:33:19.554Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-5468\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-06-12T13:16:03.562Z\", \"dateReserved\": \"2024-05-29T12:28:42.067Z\", \"assignerOrgId\": \"b15e7b5b-3da4-40ae-a43c-f7aa60e62599\", \"datePublished\": \"2024-06-12T08:33:19.554Z\", \"assignerShortName\": \"Wordfence\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.