CVE-2024-4661 - Vulnerability Details - OpenCVE

The WP Reset plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_ajax function in all versions up to, and including, 2.02. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify the value fo the 'License Key' field for the 'Activate Pro License' setting.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Webfactoryltd	Wp Reset

Configuration 1 [-]

cpe:2.3:a:webfactoryltd:wp_reset:*:*:*:*:*:wordpress:*:*

No data.

References

Link	Providers
https://plugins.trac.wordpress.org/changeset/3097597/wp-reset
https://www.wordfence.com/threat-intel/vulnerabilities/id/0d2dc86e-f937-429f-9baa-0eb0a8715513?source=cve

History

Thu, 31 Oct 2024 18:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Webfactoryltd Webfactoryltd wp Reset
Weaknesses		CWE-862
CPEs		cpe:2.3:a:webfactoryltd:wp_reset::::::wordpress::*
Vendors & Products		Webfactoryltd Webfactoryltd wp Reset

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2024-06-08T05:44:28.733Z

Updated: 2024-08-01T20:47:41.503Z

Reserved: 2024-05-08T16:44:06.019Z

Link: CVE-2024-4661

Vulnrichment

Updated: 2024-08-01T20:47:41.503Z

NVD

Status : Modified

Published: 2024-06-08T06:15:09.463

Modified: 2024-11-21T09:43:19.547

Link: CVE-2024-4661

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-4661", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2024-05-08T16:44:06.019Z", "datePublished": "2024-06-08T05:44:28.733Z", "dateUpdated": "2024-08-01T20:47:41.503Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-06-08T05:44:28.733Z"}, "affected": [{"vendor": "webfactory", "product": "WP Reset \u2013 Most Advanced WordPress Reset Tool", "versions": [{"version": "*", "status": "affected", "lessThanOrEqual": "2.01", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The WP Reset plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_ajax function in all versions up to, and including, 2.02. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify the value fo the 'License Key' field for the 'Activate Pro License' setting."}], "title": "WP Reset <= 2.02 - Missing Authorization to License Key Modification", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0d2dc86e-f937-429f-9baa-0eb0a8715513?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset/3097597/wp-reset"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Friderika Baranyai"}], "timeline": [{"time": "2024-05-08T00:00:00.000+00:00", "lang": "en", "value": "Vendor Notified"}, {"time": "2024-06-07T00:00:00.000+00:00", "lang": "en", "value": "Disclosed"}]}, "adp": [{"affected": [{"vendor": "webfactoryltd", "product": "wp_reset", "cpes": ["cpe:2.3:a:webfactoryltd:wp_reset:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.02", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-12T15:10:56.889744Z", "id": "CVE-2024-4661", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-12T15:12:07.515Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:47:41.503Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0d2dc86e-f937-429f-9baa-0eb0a8715513?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset/3097597/wp-reset", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0d2dc86e-f937-429f-9baa-0eb0a8715513?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset/3097597/wp-reset", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:47:41.503Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-4661", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-12T15:10:56.889744Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:webfactoryltd:wp_reset:*:*:*:*:*:*:*:*"], "vendor": "webfactoryltd", "product": "wp_reset", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "2.02"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-12T15:12:02.819Z"}}], "cna": {"title": "WP Reset <= 2.02 - Missing Authorization to License Key Modification", "credits": [{"lang": "en", "type": "finder", "value": "Friderika Baranyai"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "webfactory", "product": "WP Reset \u2013 Most Advanced WordPress Reset Tool", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "2.01"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2024-05-08T00:00:00.000+00:00", "value": "Vendor Notified"}, {"lang": "en", "time": "2024-06-07T00:00:00.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0d2dc86e-f937-429f-9baa-0eb0a8715513?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset/3097597/wp-reset"}], "descriptions": [{"lang": "en", "value": "The WP Reset plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_ajax function in all versions up to, and including, 2.02. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify the value fo the 'License Key' field for the 'Activate Pro License' setting."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-06-08T05:44:28.733Z"}}}, "cveMetadata": {"cveId": "CVE-2024-4661", "state": "PUBLISHED", "dateUpdated": "2024-08-01T20:47:41.503Z", "dateReserved": "2024-05-08T16:44:06.019Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2024-06-08T05:44:28.733Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:webfactoryltd:wp_reset:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "3FFC82BC-8A4B-4CB8-9757-F8F82955CB36", "versionEndExcluding": "2.03", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The WP Reset plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_ajax function in all versions up to, and including, 2.02. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify the value fo the 'License Key' field for the 'Activate Pro License' setting."}, {"lang": "es", "value": "El complemento WP Reset para WordPress es vulnerable a modificaciones no autorizadas de datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n save_ajax en todas las versiones hasta la 2.02 incluida. Esto hace posible que atacantes autenticados, con acceso de nivel de suscriptor y superior, modifiquen el valor del campo 'Clave de licencia' para la configuraci\u00f3n 'Activar licencia Pro'."}], "id": "CVE-2024-4661", "lastModified": "2024-11-21T09:43:19.547", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2024-06-08T06:15:09.463", "references": [{"source": "security@wordfence.com", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/changeset/3097597/wp-reset"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0d2dc86e-f937-429f-9baa-0eb0a8715513?source=cve"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/changeset/3097597/wp-reset"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0d2dc86e-f937-429f-9baa-0eb0a8715513?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}]}