CVE-2024-8121

2024-09-0407:15:04

CWE-862

[email protected]

web.nvd.nist.gov

wordpress

toolkit

vulnerability

user modification

function

authentication

access level

admin name

plugin

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

EPSS

0.001

Percentile

21.7%

JSON

The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to unauthorized modification of user names due to a missing capability check on the wpext_change_admin_name() function in all versions up to, and including, 3.0.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change an admin’s username to a username of their liking as long as the default ‘admin’ was used.

Affected configurations

Nvd

Node

wpextendedwp_extendedRange<3.0.9wordpress

VendorProductVersionCPE
wpextendedwp_extended*cpe:2.3:a:wpextended:wp_extended:*:*:*:*:*:wordpress:*:*

Vendor	Product	Version	CPE
wpextended	wp_extended	*	cpe:2.3:a:wpextended:wp_extended::::::wordpress::*

References

plugins.trac.wordpress.org/browser/wpextended/trunk/includes/modules/core_extensions/wpext_block_user_name_admin/wpext_block_user_name_admin.php#L49

plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3145430%40wpextended%2Ftrunk&old=3134345%40wpextended%2Ftrunk&sfp_email=&sfph_mail=

www.wordfence.com/threat-intel/vulnerabilities/id/f3d08ac9-22f7-45f4-9896-05b90f5fce64?source=cve