Lucene search

WordfenceCVELIST:CVE-2023-1509

HistoryMar 29, 2023 - 10:14 a.m.

CVE-2023-1509

2023-03-2910:14:35

Wordfence

www.cve.org

wordpress

gmace plugin

cross-site request forgery

nonce validation

ajax action

remote code execution

forged request

site administrator

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.009

Percentile

82.6%

JSON

The GMAce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.2. This is due to missing nonce validation on the gmace_manager_server function called via the wp_ajax_gmace_manager AJAX action. This makes it possible for unauthenticated attackers to modify arbitrary files and achieve remote code execution via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CNA Affected

[
  {
    "vendor": "gmdragonx",
    "product": "GMAce",
    "versions": [
      {
        "version": "*",
        "status": "affected",
        "lessThanOrEqual": "1.5.2",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

plugins.trac.wordpress.org/browser/gmace/trunk/gmace.php?rev=1583327#L84

plugins.trac.wordpress.org/browser/gmace/trunk/inc/filemanager.php?rev=1583319#L27

www.wordfence.com/threat-intel/vulnerabilities/id/826b3913-9a37-4e15-80fd-b35cefb51af8?source=cve

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.009

Percentile

82.6%

JSON

Related for CVELIST:CVE-2023-1509