CVE-2023-0402 - OpenCVE

The Social Warfare plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several AJAX actions in versions up to, and including, 4.3.0. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to delete post meta information and reset network access tokens.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Warfareplugins	Social Warfare

Configuration 1 [-]

cpe:2.3:a:warfareplugins:social_warfare:*:*:*:*:*:wordpress:*:*

No data.

References

Link	Providers
https://plugins.trac.wordpress.org/browser/social-warfare/trunk/lib/options/SWP_Options_Page.php?rev=2364155#L923
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2844092%40social-warfare&new=2844092%40social-warfare&sfp_email=&sfph_mail=
https://www.wordfence.com/threat-intel/vulnerabilities/id/4bc4ba2c-32eb-46c5-bb40-7c0150fc1ca4

History

No history.

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2023-01-19T14:07:08.694Z

Updated: 2024-08-02T05:10:55.925Z

Reserved: 2023-01-19T14:06:58.319Z

Link: CVE-2023-0402

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-01-19T15:15:13.813

Modified: 2023-11-07T04:00:24.353

Link: CVE-2023-0402

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-0402", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2023-01-19T14:06:58.319Z", "datePublished": "2023-01-19T14:07:08.694Z", "dateUpdated": "2024-08-02T05:10:55.925Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2023-01-19T14:07:08.694Z"}, "affected": [{"vendor": "warfareplugins", "product": "Social Sharing Plugin \u2013 Social Warfare", "versions": [{"version": "*", "status": "affected", "lessThanOrEqual": "4.3.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Social Warfare plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several AJAX actions in versions up to, and including, 4.3.0. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to delete post meta information and reset network access tokens."}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4bc4ba2c-32eb-46c5-bb40-7c0150fc1ca4"}, {"url": "https://plugins.trac.wordpress.org/browser/social-warfare/trunk/lib/options/SWP_Options_Page.php?rev=2364155#L923"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2844092%40social-warfare&new=2844092%40social-warfare&sfp_email=&sfph_mail="}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "baseScore": 5.4, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Marco Wotschka"}], "timeline": [{"time": "2023-01-05T00:00:00.000+00:00", "lang": "en", "value": "Disclosed"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:10:55.925Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4bc4ba2c-32eb-46c5-bb40-7c0150fc1ca4", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/social-warfare/trunk/lib/options/SWP_Options_Page.php?rev=2364155#L923", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2844092%40social-warfare&new=2844092%40social-warfare&sfp_email=&sfph_mail=", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:warfareplugins:social_warfare:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "EC3950F3-B8E1-472F-9441-5337956D6B9D", "versionEndIncluding": "4.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Social Warfare plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several AJAX actions in versions up to, and including, 4.3.0. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to delete post meta information and reset network access tokens."}, {"lang": "es", "value": "El complemento Social Warfare para WordPress es vulnerable a la omisi\u00f3n de autorizaci\u00f3n debido a una falta de verificaci\u00f3n de capacidad en varias acciones AJAX en versiones hasta la 4.3.0 incluida. Esto hace posible que los atacantes autenticados, con permisos de nivel de suscriptor y superiores, eliminen la metainformaci\u00f3n de la publicaci\u00f3n y restablezcan los tokens de acceso a la red."}], "id": "CVE-2023-0402", "lastModified": "2023-11-07T04:00:24.353", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2023-01-19T15:15:13.813", "references": [{"source": "security@wordfence.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://plugins.trac.wordpress.org/browser/social-warfare/trunk/lib/options/SWP_Options_Page.php?rev=2364155#L923"}, {"source": "security@wordfence.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2844092%40social-warfare&new=2844092%40social-warfare&sfp_email=&sfph_mail="}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4bc4ba2c-32eb-46c5-bb40-7c0150fc1ca4"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Modified"}