Arbitrary Nonce Generation Vulnerability Affects Depicter Slider and Carousel Plugin for WordPress
CVE-2024-4390

6.5MEDIUM

Key Information:

Vendor
Wordpress
Status
Slider & Popup Builder By Depicter – Add Image Slider, Carousel Slider, Exit Intent Popup, Popup Modal, Coupon Popup, Post Slider Carousel
Vendor
CVE Published:
20 June 2024

Summary

The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to Arbitrary Nonce Generation in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers with contributor access and above, to generate a valid nonce for any WordPress action/function. This could be used to invoke functionality that is protected only by nonce checks.

Affected Version(s)

Slider & Popup Builder by Depicter – Add Image Slider, Carousel Slider, Exit Intent Popup, Popup Modal, Coupon Popup, Post Slider Carousel * <= 3.0.2

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...
https://plugins.trac.wordpress.org/browser/depicter/trunk...
https://plugins.trac.wordpress.org/changeset?sfp_email=&s...

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Arkadiusz Hydzik
.