Описание
The Wordable plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.1.1. This is due to the use of a user supplied hashing algorithm passed to the hash_hmac() function and the use of a loose comparison on the hash which allows an attacker to trick the function into thinking it has a valid hash. This makes it possible for unauthenticated attackers to gain administrator privileges.
The Wordable plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.1.1. This is due to the use of a user supplied hashing algorithm passed to the hash_hmac() function and the use of a loose comparison on the hash which allows an attacker to trick the function into thinking it has a valid hash. This makes it possible for unauthenticated attackers to gain administrator privileges.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2020-36724
- https://blog.nintechnet.com/wordpress-plugins-and-themes-vulnerabilities-roundup
- https://plugins.trac.wordpress.org/changeset/2234193/wordable/trunk/wordable.php
- https://www.wordfence.com/threat-intel/vulnerabilities/id/be1ab218-37bd-407a-8cb9-66f761849c21?source=cve
Связанные уязвимости
The Wordable plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.1.1. This is due to the use of a user supplied hashing algorithm passed to the hash_hmac() function and the use of a loose comparison on the hash which allows an attacker to trick the function into thinking it has a valid hash. This makes it possible for unauthenticated attackers to gain administrator privileges.