Описание
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.1.4. This is due to a lack of randomization of a password created during Single Sign-On via Google or Facebook. This makes it possible for unauthenticated attackers to change the password of arbitrary Candidate-level users if the attacker knows the username assigned to the victim during account creation.
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.1.4. This is due to a lack of randomization of a password created during Single Sign-On via Google or Facebook. This makes it possible for unauthenticated attackers to change the password of arbitrary Candidate-level users if the attacker knows the username assigned to the victim during account creation.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2024-13772
- https://themeforest.net/item/civi-job-board-wordpress-theme/42770817#item-description__changelogs
- https://www.wordfence.com/threat-intel/vulnerabilities/id/bf04f458-7900-4dd3-84fb-169b74db97ab?source=cve
- http://localhost:1337/wp-content/themes/civi/includes/class-ajax.php#L567
- http://localhost:1337/wp-content/themes/civi/includes/class-ajax.php#L739
Связанные уязвимости
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.1.6.1. This is due to a lack of password randomization and user validation through the fb_ajax_login_or_register and google_ajax_login_or_register actions. This makes it possible for unauthenticated attackers to login as any user as long as they have access to the email.