
CVE-2023-3204 Materialis <= 1.1.24 - Missing Authorization to Limited Arbitrary Options Update

2024-06-20 02:08:26
Wordfence
www.cve.org
Tags: materialis wordpress vulnerable; authorization missing; arbitrary options update

CVSS3: 6.5 Medium
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: HIGH
Availability Impact: NONE
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

EPSS: 0.001 Low (Percentile 22.0%)

The Materialis theme for WordPress is vulnerable to limited arbitrary options updates in versions up to, and including, 1.1.24. This is due to missing authorization checks on the companion_disable_popup() function called via an AJAX action. This makes it possible for authenticated attackers, with minimal permissions such as subscribers, to modify any option on the site to a numerical value.
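The pattern behind this class of bug is an AJAX handler that calls update_option() without first checking who is calling and what they are allowed to change. The following is an added illustration, not code from the Materialis theme: a hypothetical handler (all names invented) showing the checks whose absence the advisory describes, so a reviewer can compare a theme's handler against it.

```php
<?php
// Added illustration (not the Materialis theme's code): a WordPress AJAX
// handler that updates an option, hardened with the checks the advisory
// says were missing. All hook and option names here are hypothetical.

add_action( 'wp_ajax_example_disable_popup', 'example_disable_popup' );

function example_disable_popup() {
    // 1. Authorization: the advisory's root cause is that any logged-in
    //    user, including a subscriber, could reach the handler. Require the
    //    capability that governs changing site options.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    // 2. CSRF protection: tie the request to a nonce issued to this user.
    //    check_ajax_referer() dies with a 403 on failure.
    check_ajax_referer( 'example_disable_popup', 'nonce' );

    // 3. Never let the client choose the option key. An allowlist of the
    //    keys this handler may touch rules out "update any option".
    $allowed = array( 'example_popup_disabled' );
    $option  = isset( $_POST['option'] ) ? sanitize_key( wp_unslash( $_POST['option'] ) ) : '';
    if ( ! in_array( $option, $allowed, true ) ) {
        wp_send_json_error( 'unknown option', 400 );
    }

    // 4. Constrain the value as well; a popup toggle only needs 0 or 1.
    $value = isset( $_POST['value'] ) ? absint( wp_unslash( $_POST['value'] ) ) : 0;
    $value = $value ? 1 : 0;

    update_option( $option, $value );
    wp_send_json_success( array( 'option' => $option, 'value' => $value ) );
}
```

Note that registering a handler only under wp_ajax_ (not wp_ajax_nopriv_) restricts it to logged-in users but says nothing about their role; the capability check is what actually enforces authorization.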

CNA Affected

[
  {
    "vendor": "extendthemes",
    "product": "Materialis",
    "versions": [
      {
        "version": "*",
        "status": "affected",
        "lessThanOrEqual": "1.1.24",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]
