Vulnerability in WP Timetics Plugin Allows for Account Takeover and Privilege Escalation
CVE-2024-9263

9.8CRITICAL

Key Information:

Vendor: Wordpress
Status: WP Timetics- Ai-powered Appointment Booking Calendar And Online Scheduling Plugin
Vendor: CVE Published:; 17 October 2024

Summary

The WP Timetics Appointment Booking Calendar and Online Scheduling Plugin for WordPress has a vulnerability that allows unauthenticated attackers to execute account takeover and privilege escalation through Insecure Direct Object Reference. This issue arises from insufficient validation on a user-controlled key during the save() function, affecting all versions up to and including 1.0.25. Consequently, attackers are able to reset the email addresses and passwords of arbitrary user accounts, giving them unauthorized access to sensitive accounts, including those of administrators.

Affected Version(s)

WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin * <= 1.0.25

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...

https://plugins.trac.wordpress.org/browser/timetics/tags/...

https://plugins.trac.wordpress.org/changeset/3169771/time...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 17, 2024
Vulnerability Reserved
Sep 26, 2024

Credit

wesley