Lucene search

WpvulndbWPVDB-ID:CEDE41D6-749A-45F6-92B4-3A7C876C92ED

HistoryJun 13, 2024 - 12:00 a.m.

LatePoint Plugin < 4.9.9.1 - Missing Authorization and Sensitive Information Exposure via IDOR

2024-06-1300:00:00

wpscan.com

latepoint

wordpress

data exposure

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

6.6

Confidence

High

JSON

Description The LatePoint Plugin plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the ‘start_or_use_session_for_customer’ function in all versions up to and including 4.9.9. This makes it possible for unauthenticated attackers to view other customer’s cabinets, including the ability to view PII such as email addresses and to change their LatePoint user password, which may or may not be associated with a WordPress account.

References

www.wordfence.com/threat-intel/vulnerabilities/id/6215fa9f-06bc-4dc8-b1f5-a3bb75749f1d

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

6.6

Confidence

High

JSON

Related for WPVDB-ID:CEDE41D6-749A-45F6-92B4-3A7C876C92ED