Vulnerabilities

The plugin was affected by an Auth Bypass vulnerability. To bypass authentication, we only need to know the user’s username. Depending on whose username we know, which can be easily queried because it is usually public data, we may even be given an administrator role on the website.

The plugin was affected by a Non-Arbitrary File Upload and CSRF vulnerabilities. The two vulnerabilities allow us to upload files to the server, even with a script. Note: only limited file types can be uploaded.

The plugin was affected by an Auth Bypass vulnerability. To bypass authentication, we only need to know the user’s username. Depending on whose username we know, which can be easily queried because it is usually public data, we may even be given an administrator role on the client’s website. Note: The plugin was affected by Missing Authorization vulnerability too. There are a lot of vulnerabilities and bugs in the code. But the analysis only deals with Auth Bypass because it is the most serious vulnerability. Note: To exploit the vulnerability, we need to log in with a user with any role.

The plugin was affected by an Auth Bypass vulnerability. To bypass authentication, we only need to know the user’s email address. Depending on whose email address we know, we may even be given an administrator role on the client’s website. Note: The plugin was affected by Missing Authorization and Cross-Site Request Forgery (CSRF) vulnerabilities too. There are a lot of vulnerabilities and bugs in the code. But the analysis only deals with Auth Bypass because it is the most serious vulnerability.

The plugin was affected by Missing Authorization and Cross-Site Request Forgery (CSRF) vulnerabilities. The plugin creates a frontend user profile, groups, communities and messenger. However, the messenger is vulnerable because there is no user authentication, so the vulnerability allows us to list and modify other users’ messages.