This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login.
Q1. What is this vulnerability? (Essence + Consequences)
**Essence**: Unauthenticated privilege escalation in the WordPress plugin 'JSON API User'. **Consequences**: Attackers can bypass authentication to register as **Administrators**; full site control is lost. …
**Affected**: WordPress plugin **JSON API User**. **Versions**: **3.9.3** and earlier. **Vendor**: parorrey. **Dependency**: Requires the 'JSON API' plugin to be installed.
Q4. What can hackers do? (Privileges/Data)
**Privileges**: Escalate from **None** to **Administrator**. **Data**: Full access to site content, users, and settings. **Impact**: High confidentiality, integrity, and availability loss; complete site takeover.
Q5. Is the exploitation threshold high? (Auth/Config)
**Threshold**: **LOW**. **Auth**: **Unauthenticated** (no login needed). **Vector**: Network (AV:N). **Config**: Low complexity (AC:L). No user interaction required (UI:N).
Q6. Is there a public exploit? (PoC/Wild Exploitation)
**Public Exploit**: **YES**. **PoCs Available**: Python scripts on GitHub (e.g., RandomRobbieBF, Jenderal92). **Wild Exploitation**: High risk. CVSS score **9.8** (Critical). Easy to automate.
Q7. How to self-check? (Features/Scanning)
**Self-Check**: Scan for the plugin 'JSON API User'. **Version Check**: Verify the installed version is **≤ 3.9.3**. **Tools**: Use WordPress security scanners or check the `wp-content/plugins/` directory. **Indicator**: Presence of …
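As an added example (not part of this analysis and not code from the plugin vendor): a scanner that applies the Q7 self-check by reading the WordPress plugin header of each file under `wp-content/plugins/`, matching on the plugin name given on this page and flagging versions 3.9.3 and earlier. The path argument, and the sample header written to a temporary directory when no path is given, are constructed for the demo; the plugin's real directory name is not assumed, since matching is done on the `Plugin Name:` header.

```python
import re
import sys
import tempfile
from pathlib import Path

PLUGIN_NAME = "JSON API User"          # plugin named in the advisory
LAST_VULNERABLE_VERSION = "3.9.3"      # "3.9.3 and earlier" are affected

# WordPress plugin headers are "Key: value" lines inside the file's leading comment block.
HEADER_RE = re.compile(r"^\s*\*?\s*(Plugin Name|Version)\s*:\s*(.+?)\s*$",
                       re.IGNORECASE | re.MULTILINE)

def parse_plugin_header(php_source: str) -> dict:
    """Return {'plugin name': ..., 'version': ...} from the first 8 KB, as WordPress reads it."""
    return {k.lower(): v for k, v in HEADER_RE.findall(php_source[:8192])}

def version_tuple(version: str) -> tuple:
    """Numeric dotted comparison key; non-numeric suffixes such as '-beta' are ignored."""
    parts = []
    for piece in version.split("."):
        m = re.match(r"\d+", piece)
        if not m:
            break
        parts.append(int(m.group()))
    return tuple(parts)

def is_vulnerable_version(version: str) -> bool:
    return version_tuple(version) <= version_tuple(LAST_VULNERABLE_VERSION)

def find_vulnerable_installs(plugins_dir: Path) -> list:
    """Scan a wp-content/plugins directory for copies of the plugin at an affected version."""
    findings = []
    for php_file in sorted([*plugins_dir.glob("*.php"), *plugins_dir.glob("*/*.php")]):
        header = parse_plugin_header(php_file.read_text(errors="replace"))
        if header.get("plugin name", "").casefold() != PLUGIN_NAME.casefold():
            continue
        version = header.get("version", "")
        if version and is_vulnerable_version(version):
            findings.append((php_file.parent.name, version))
    return findings

if __name__ == "__main__":
    if len(sys.argv) > 1:
        target = Path(sys.argv[1])            # e.g. /var/www/html/wp-content/plugins
    else:                                     # no path given: demo on a constructed sample plugin
        target = Path(tempfile.mkdtemp()); (target / "sample-plugin").mkdir()
        (target / "sample-plugin" / "sample-plugin.php").write_text(
            "<?php\n/*\nPlugin Name: JSON API User\nVersion: 3.9.3\n*/\n")
    for slug, version in find_vulnerable_installs(target):
        print(f"AFFECTED: {slug} at version {version} (<= {LAST_VULNERABLE_VERSION})")
```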
**No-Patch Workaround**: Disable the plugin if it is not essential. **Mitigation**: Restrict user registration on the site. **WAF**: Block requests targeting the specific API endpoints for user meta updates. **Note**…