Privilege Escalation Vulnerability in WordPress
CVE-2023-1874

8.8HIGH

Key Information:

Vendor
Wordpress
Status
WP Data Access
Vendor
CVE Published:
12 April 2023

Summary

The WP Data Access plugin for WordPress contains a vulnerability allowing users with minimal permissions to elevate their own user roles. This is due to insufficient authorization checks on the 'multiple_roles_update' function, particularly in versions up to and including 5.3.7. When the 'Enable role management' setting is activated on the site, authenticated attackers can exploit this weakness by modifying the 'wpda_role[]' parameter during a profile update, effectively granting themselves unauthorized privileges.

Affected Version(s)

WP Data Access * <= 5.3.7

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...
https://plugins.trac.wordpress.org/browser/wp-data-access...
https://plugins.trac.wordpress.org/browser/wp-data-access...

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Chloe Chamberland
.