CVE-2024-1340 - Vulnerability Details - OpenCVE

The Login Lockdown – Protect Login Form plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the generate_export_file function in all versions up to, and including, 2.08. This makes it possible for authenticated attackers, with subscriber access and higher, to export this plugin's settings that include whitelisted IP addresses as well as a global unlock key. With the global unlock key an attacker can add their IP address to the whitelist.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://plugins.trac.wordpress.org/browser/login-lockdown/trunk/libs/functions.php#L492
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3033542%40login-lockdown%2Ftrunk&old=3027788%40login-lockdown%2Ftrunk&sfp_email=&sfph_mail=
https://www.wordfence.com/threat-intel/vulnerabilities/id/34021007-b5d3-479b-a0d4-50e301f22c9c?source=cve

History

No history.

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2024-02-20T18:56:25.837Z

Updated: 2024-08-01T18:33:25.429Z

Reserved: 2024-02-07T21:35:00.199Z

Link: CVE-2024-1340

Vulnrichment

Updated: 2024-08-01T18:33:25.429Z

NVD

Status : Awaiting Analysis

Published: 2024-02-29T01:43:48.777

Modified: 2024-11-21T08:50:22.180

Link: CVE-2024-1340

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-1340", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2024-02-07T21:35:00.199Z", "datePublished": "2024-02-20T18:56:25.837Z", "dateUpdated": "2024-08-01T18:33:25.429Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-02-20T18:56:25.837Z"}, "affected": [{"vendor": "webfactory", "product": "Login Lockdown \u2013 Protect Login Form", "versions": [{"version": "*", "status": "affected", "lessThanOrEqual": "2.08", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Login Lockdown \u2013 Protect Login Form plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the generate_export_file function in all versions up to, and including, 2.08. This makes it possible for authenticated attackers, with subscriber access and higher, to export this plugin's settings that include whitelisted IP addresses as well as a global unlock key. With the global unlock key an attacker can add their IP address to the whitelist."}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/34021007-b5d3-479b-a0d4-50e301f22c9c?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/login-lockdown/trunk/libs/functions.php#L492"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3033542%40login-lockdown%2Ftrunk&old=3027788%40login-lockdown%2Ftrunk&sfp_email=&sfph_mail="}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "baseScore": 5.4, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Lucio S\u00e1"}], "timeline": [{"time": "2024-02-09T00:00:00.000+00:00", "lang": "en", "value": "Disclosed"}]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-1340", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-29T16:52:59.186465Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T18:00:52.008Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:33:25.429Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/34021007-b5d3-479b-a0d4-50e301f22c9c?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/login-lockdown/trunk/libs/functions.php#L492", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3033542%40login-lockdown%2Ftrunk&old=3027788%40login-lockdown%2Ftrunk&sfp_email=&sfph_mail=", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/34021007-b5d3-479b-a0d4-50e301f22c9c?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/login-lockdown/trunk/libs/functions.php#L492", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3033542%40login-lockdown%2Ftrunk&old=3027788%40login-lockdown%2Ftrunk&sfp_email=&sfph_mail=", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:33:25.429Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-1340", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-29T16:52:59.186465Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:13.932Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"credits": [{"lang": "en", "type": "finder", "value": "Lucio S\u00e1"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 5.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}}], "affected": [{"vendor": "webfactory", "product": "Login Lockdown \u2013 Protect Login Form", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "2.08"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2024-02-09T00:00:00.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/34021007-b5d3-479b-a0d4-50e301f22c9c?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/login-lockdown/trunk/libs/functions.php#L492"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3033542%40login-lockdown%2Ftrunk&old=3027788%40login-lockdown%2Ftrunk&sfp_email=&sfph_mail="}], "descriptions": [{"lang": "en", "value": "The Login Lockdown \u2013 Protect Login Form plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the generate_export_file function in all versions up to, and including, 2.08. This makes it possible for authenticated attackers, with subscriber access and higher, to export this plugin's settings that include whitelisted IP addresses as well as a global unlock key. With the global unlock key an attacker can add their IP address to the whitelist."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-02-20T18:56:25.837Z"}}}, "cveMetadata": {"cveId": "CVE-2024-1340", "state": "PUBLISHED", "dateUpdated": "2024-08-01T18:33:25.429Z", "dateReserved": "2024-02-07T21:35:00.199Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2024-02-20T18:56:25.837Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "The Login Lockdown \u2013 Protect Login Form plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the generate_export_file function in all versions up to, and including, 2.08. This makes it possible for authenticated attackers, with subscriber access and higher, to export this plugin's settings that include whitelisted IP addresses as well as a global unlock key. With the global unlock key an attacker can add their IP address to the whitelist."}, {"lang": "es", "value": "El complemento Login Lockdown \u2013 Protect Login Form para WordPress es vulnerable al acceso no autorizado a los datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n generate_export_file en todas las versiones hasta la 2.08 incluida. Esto hace posible que atacantes autenticados, con acceso de suscriptor y superior, exporten la configuraci\u00f3n de este complemento que incluye direcciones IP incluidas en la lista blanca, as\u00ed como una clave de desbloqueo global. Con la clave de desbloqueo global, un atacante puede agregar su direcci\u00f3n IP a la lista blanca."}], "id": "CVE-2024-1340", "lastModified": "2024-11-21T08:50:22.180", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2024-02-29T01:43:48.777", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/login-lockdown/trunk/libs/functions.php#L492"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3033542%40login-lockdown%2Ftrunk&old=3027788%40login-lockdown%2Ftrunk&sfp_email=&sfph_mail="}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/34021007-b5d3-479b-a0d4-50e301f22c9c?source=cve"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://plugins.trac.wordpress.org/browser/login-lockdown/trunk/libs/functions.php#L492"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3033542%40login-lockdown%2Ftrunk&old=3027788%40login-lockdown%2Ftrunk&sfp_email=&sfph_mail="}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/34021007-b5d3-479b-a0d4-50e301f22c9c?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Awaiting Analysis"}