Insecure Direct Object Reference in WP 2FA Two-Factor Authentication Plugin for WordPress
CVE-2023-6506
4.3 MEDIUM
Key Information:
- Vendor: WordPress
- CVE Published: 11 January 2024
Summary
The WP 2FA – Two-factor authentication for WordPress plugin is susceptible to an Insecure Direct Object Reference in its send_backup_codes_email function, which can be abused by users holding the subscriber role (authenticated, low-privilege accounts). The vulnerability arises from insufficient validation of user-controlled keys, so a malicious subscriber can cause the plugin to send arbitrary emails to any user on the site. All versions up to and including 2.5.0 are affected, creating significant risks for user data privacy.
Affected Version(s)
WP 2FA – Two-factor authentication for WordPress: all versions <= 2.5.0
CVSS V3.1
- Score: 4.3
- Severity: MEDIUM
- Confidentiality: None
- Integrity: Low
- Availability: None
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: Unchanged
Timeline
- Vulnerability published
- Vulnerability reserved
Credit
Ulyses Saicha