CVE-2024-12259— WordPress plugin RepairBuddy 安全漏洞

CRM WordPress Plugin – RepairBuddy <= 3.8120 - Missing Authorization to Account Takeover/Privilege Escalation

The CRM WordPress Plugin – RepairBuddy plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.8120. This is due to the plugin not properly validating a user's identity prior to updating their email through the wc_update_user_data AJAX action. This makes it possible for authenticated attackers, with subscriber-level access and above, to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access to their account.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

授权机制缺失

WordPress plugin RepairBuddy 安全漏洞

WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress plugin RepairBuddy 3.8120版本及之前版本存在安全漏洞，该漏洞源于在通过 wc_update_user_data AJAX 操作更新电子邮件之前没有正确验证用户的身份。

N/A

N/A