CVE-2023-3956 - OpenCVE

The InstaWP Connect plugin for WordPress is vulnerable to unauthorized access of data, modification of data and loss of data due to a missing capability check on the 'events_receiver' function in versions up to, and including, 0.0.9.18. This makes it possible for unauthenticated attackers to add, modify or delete post and taxonomy, install, activate or deactivate plugin, change customizer settings, add or modify or delete user including administrator user.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Instawp	Instawp Connect

Configuration 1 [-]

cpe:2.3:a:instawp:instawp_connect:*:*:*:*:*:wordpress:*:*

No data.

References

Link	Providers
https://plugins.trac.wordpress.org/browser/instawp-connect/tags/0.0.9.18/includes/class-instawp-rest-apis.php#L103
https://plugins.trac.wordpress.org/changeset/2942363/instawp-connect#file5
https://www.wordfence.com/threat-intel/vulnerabilities/id/48e7acf2-61d4-4762-8657-0701910ce69b?source=cve

History

No history.

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2023-07-27T06:54:14.804Z

Updated: 2024-08-02T07:08:50.660Z

Reserved: 2023-07-26T17:41:07.986Z

Link: CVE-2023-3956

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-07-27T07:15:09.857

Modified: 2023-11-07T04:20:01.623

Link: CVE-2023-3956

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-3956", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2023-07-26T17:41:07.986Z", "datePublished": "2023-07-27T06:54:14.804Z", "dateUpdated": "2024-08-02T07:08:50.660Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2023-07-27T06:54:14.804Z"}, "affected": [{"vendor": "instawp", "product": "InstaWP Connect \u2013 1-click WP Staging & Migration (beta)", "versions": [{"version": "*", "status": "affected", "lessThanOrEqual": "0.0.9.18", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The InstaWP Connect plugin for WordPress is vulnerable to unauthorized access of data, modification of data and loss of data due to a missing capability check on the 'events_receiver' function in versions up to, and including, 0.0.9.18. This makes it possible for unauthenticated attackers to add, modify or delete post and taxonomy, install, activate or deactivate plugin, change customizer settings, add or modify or delete user including administrator user."}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/48e7acf2-61d4-4762-8657-0701910ce69b?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/instawp-connect/tags/0.0.9.18/includes/class-instawp-rest-apis.php#L103"}, {"url": "https://plugins.trac.wordpress.org/changeset/2942363/instawp-connect#file5"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL"}}], "credits": [{"lang": "en", "type": "finder", "value": "Lana Codes"}], "timeline": [{"time": "2023-07-22T00:00:00.000+00:00", "lang": "en", "value": "Discovered"}, {"time": "2023-07-22T00:00:00.000+00:00", "lang": "en", "value": "Vendor Notified"}, {"time": "2023-07-26T00:00:00.000+00:00", "lang": "en", "value": "Disclosed"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:08:50.660Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/48e7acf2-61d4-4762-8657-0701910ce69b?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/instawp-connect/tags/0.0.9.18/includes/class-instawp-rest-apis.php#L103", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset/2942363/instawp-connect#file5", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:instawp:instawp_connect:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "CA84D292-8449-4A87-8D0A-84D08318737F", "versionEndIncluding": "0.0.9.18", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The InstaWP Connect plugin for WordPress is vulnerable to unauthorized access of data, modification of data and loss of data due to a missing capability check on the 'events_receiver' function in versions up to, and including, 0.0.9.18. This makes it possible for unauthenticated attackers to add, modify or delete post and taxonomy, install, activate or deactivate plugin, change customizer settings, add or modify or delete user including administrator user."}, {"lang": "es", "value": "El plugin InstaWP Connect para WordPress es vulnerable al acceso no autorizado de datos, modificaci\u00f3n de datos y p\u00e9rdida de datos debido a una comprobaci\u00f3n de capacidad faltante en la funci\u00f3n \"events_receiver\" en versiones hasta la 0.0.9.18 inclusive. Esto hace posible que atacantes no autenticados a\u00f1adan, modifiquen o eliminen entradas y taxonom\u00edas, instalen, activen o desactiven el plugin, cambien la configuraci\u00f3n del personalizador y a\u00f1adan, modifiquen o eliminen usuarios incluyendo el usuario administrador. "}], "id": "CVE-2023-3956", "lastModified": "2023-11-07T04:20:01.623", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security@wordfence.com", "type": "Primary"}]}, "published": "2023-07-27T07:15:09.857", "references": [{"source": "security@wordfence.com", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/browser/instawp-connect/tags/0.0.9.18/includes/class-instawp-rest-apis.php#L103"}, {"source": "security@wordfence.com", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/changeset/2942363/instawp-connect#file5"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/48e7acf2-61d4-4762-8657-0701910ce69b?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Modified"}