Unauthenticated Arbitrary Shortcode Execution Vulnerability in GamiPress Plugin
CVE-2024-11036

7.3 HIGH

Summary

The GamiPress plugin, widely used for gamification on WordPress sites, is vulnerable to arbitrary shortcode execution through the gamipress_get_user_earnings AJAX action. All versions up to and including 7.1.5 fail to validate user-supplied input before passing it to the do_shortcode function. Because the AJAX action is reachable without authentication, unauthenticated attackers can execute arbitrary registered shortcodes and potentially run harmful code or commands on the server. Site owners running GamiPress should promptly check their installations and update to mitigate the risk.
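The root cause described above is a common WordPress anti-pattern: an admin-ajax.php handler registered for unauthenticated callers (the wp_ajax_nopriv_ hook) that hands request text straight to do_shortcode. The example below is added here for illustration and is not GamiPress code; the handler, hook and shortcode names (example_get_earnings_v1, example_get_earnings_v2, example_user_earnings) are hypothetical, while do_shortcode, check_ajax_referer, wp_send_json_* and the sanitization helpers are standard WordPress APIs. It shows the vulnerable shape beside a hardened one that authenticates the caller, verifies a nonce, and builds a single fixed shortcode from an allowlist of sanitized attributes, so no request-controlled text ever selects which shortcode runs. The real impact of such a flaw depends on which shortcodes the site has registered, which is why the CVSS impact metrics here are rated Low.

```php
<?php
// Added illustrative example, not code from the GamiPress plugin.
// Hypothetical hook/handler/shortcode names; WordPress API calls are real.

// Vulnerable pattern: request text is passed directly to do_shortcode and the
// action is hooked for unauthenticated visitors via wp_ajax_nopriv_*, so any
// shortcode registered on the site can be invoked by anyone.
function example_vulnerable_get_earnings() {
    $template = isset( $_REQUEST['template'] ) ? wp_unslash( $_REQUEST['template'] ) : '';
    echo do_shortcode( $template ); // caller chooses the shortcode: arbitrary shortcode execution
    wp_die();
}
add_action( 'wp_ajax_nopriv_example_get_earnings_v1', 'example_vulnerable_get_earnings' );
add_action( 'wp_ajax_example_get_earnings_v1', 'example_vulnerable_get_earnings' );

// Hardened pattern: no nopriv hook, nonce check, logged-in requirement, and the
// shortcode tag is fixed server-side. Only allowlisted attributes are accepted,
// each run through a sanitizer before being placed in the shortcode string.
function example_hardened_get_earnings() {
    check_ajax_referer( 'example_get_earnings', 'nonce' ); // dies on a bad/missing nonce
    if ( ! is_user_logged_in() ) {
        wp_send_json_error( 'unauthorized', 403 );
    }

    // attribute name => sanitizer callback (hypothetical attribute set)
    $allowed = array(
        'limit'  => 'absint',
        'layout' => 'sanitize_key',
    );

    $atts = array();
    foreach ( $allowed as $name => $sanitizer ) {
        if ( isset( $_REQUEST[ $name ] ) ) {
            $value  = call_user_func( $sanitizer, wp_unslash( $_REQUEST[ $name ] ) );
            $atts[] = sprintf( '%s="%s"', $name, esc_attr( (string) $value ) );
        }
    }

    // Bind the lookup to the authenticated user rather than trusting a user_id parameter.
    $atts[] = sprintf( 'user_id="%d"', get_current_user_id() );

    // The tag is a constant; request data can only influence sanitized attribute values.
    $output = do_shortcode( '[example_user_earnings ' . implode( ' ', $atts ) . ']' );
    wp_send_json_success( $output );
}
add_action( 'wp_ajax_example_get_earnings_v2', 'example_hardened_get_earnings' );
```

For detection, unauthenticated requests to admin-ajax.php carrying action=gamipress_get_user_earnings in the web server or WAF logs are the signal to look for on unpatched installations; for mitigation, updating past 7.1.5 is the fix, and the hardened handler above shows the shape a review of any similar AJAX endpoint should check for.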

Affected Version(s)

GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress: <= 7.1.5

CVSS V3.1

Score: 7.3
Severity: HIGH
Confidentiality: Low
Integrity: Low
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Arkadiusz Hydzik