CVE-2024-2931 - Vulnerability Details - OpenCVE

The WPFront User Role Editor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.1.11184 via the wpfront_user_role_editor_assign_roles_user_autocomplete AJAX action. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract retrieve a list of all user email addresses who are registered on the site.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Wpfront	Wpfront User Role Editor

Configuration 1 [-]

cpe:2.3:a:wpfront:wpfront_user_role_editor:*:*:*:*:*:wordpress:*:*

No data.

References

Link	Providers
https://inky-knuckle-2c2.notion.site/WPFront-User-Role-Editor-Information-disclosure-7435b8340a004f5f8485cad375326b2c
https://plugins.trac.wordpress.org/changeset/3061241/wpfront-user-role-editor/trunk/includes/users/class-assign-migrate.php
https://www.wordfence.com/threat-intel/vulnerabilities/id/078a0647-fc3a-436c-bf00-8776b16e66ff?source=cve

History

Mon, 17 Mar 2025 16:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Wpfront Wpfront wpfront User Role Editor
CPEs		cpe:2.3:a:wpfront:wpfront_user_role_editor::::::wordpress::*
Vendors & Products		Wpfront Wpfront wpfront User Role Editor

Tue, 04 Mar 2025 22:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-200
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2024-04-02T08:32:29.442Z

Updated: 2025-03-04T21:51:17.580Z

Reserved: 2024-03-26T15:42:54.988Z

Link: CVE-2024-2931

Vulnrichment

Updated: 2024-08-01T19:32:42.021Z

NVD

Status : Analyzed

Published: 2024-04-02T09:15:07.567

Modified: 2025-03-17T15:40:51.540

Link: CVE-2024-2931

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-2931", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2024-03-26T15:42:54.988Z", "datePublished": "2024-04-02T08:32:29.442Z", "dateUpdated": "2025-03-04T21:51:17.580Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-04-02T08:32:29.442Z"}, "affected": [{"vendor": "syammohanm", "product": "WPFront User Role Editor", "versions": [{"version": "*", "status": "affected", "lessThanOrEqual": "3.2.1.11184", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The WPFront User Role Editor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.1.11184 via the wpfront_user_role_editor_assign_roles_user_autocomplete AJAX action. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract retrieve a list of all user email addresses who are registered on the site."}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/078a0647-fc3a-436c-bf00-8776b16e66ff?source=cve"}, {"url": "https://inky-knuckle-2c2.notion.site/WPFront-User-Role-Editor-Information-disclosure-7435b8340a004f5f8485cad375326b2c"}, {"url": "https://plugins.trac.wordpress.org/changeset/3061241/wpfront-user-role-editor/trunk/includes/users/class-assign-migrate.php"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-200 Information Exposure"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "amr khaled"}], "timeline": [{"time": "2024-04-01T00:00:00.000+00:00", "lang": "en", "value": "Disclosed"}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-200", "lang": "en", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-04-03T14:09:16.764223Z", "id": "CVE-2024-2931", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-04T21:51:17.580Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:32:42.021Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/078a0647-fc3a-436c-bf00-8776b16e66ff?source=cve", "tags": ["x_transferred"]}, {"url": "https://inky-knuckle-2c2.notion.site/WPFront-User-Role-Editor-Information-disclosure-7435b8340a004f5f8485cad375326b2c", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset/3061241/wpfront-user-role-editor/trunk/includes/users/class-assign-migrate.php", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/078a0647-fc3a-436c-bf00-8776b16e66ff?source=cve", "tags": ["x_transferred"]}, {"url": "https://inky-knuckle-2c2.notion.site/WPFront-User-Role-Editor-Information-disclosure-7435b8340a004f5f8485cad375326b2c", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset/3061241/wpfront-user-role-editor/trunk/includes/users/class-assign-migrate.php", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:32:42.021Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-2931", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-03T14:09:16.764223Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:21.376Z"}}], "cna": {"credits": [{"lang": "en", "type": "finder", "value": "amr khaled"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}}], "affected": [{"vendor": "syammohanm", "product": "WPFront User Role Editor", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "3.2.1.11184"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2024-04-01T00:00:00.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/078a0647-fc3a-436c-bf00-8776b16e66ff?source=cve"}, {"url": "https://inky-knuckle-2c2.notion.site/WPFront-User-Role-Editor-Information-disclosure-7435b8340a004f5f8485cad375326b2c"}, {"url": "https://plugins.trac.wordpress.org/changeset/3061241/wpfront-user-role-editor/trunk/includes/users/class-assign-migrate.php"}], "descriptions": [{"lang": "en", "value": "The WPFront User Role Editor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.1.11184 via the wpfront_user_role_editor_assign_roles_user_autocomplete AJAX action. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract retrieve a list of all user email addresses who are registered on the site."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-200 Information Exposure"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-04-02T08:32:29.442Z"}}}, "cveMetadata": {"cveId": "CVE-2024-2931", "state": "PUBLISHED", "dateUpdated": "2025-03-04T21:51:17.580Z", "dateReserved": "2024-03-26T15:42:54.988Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2024-04-02T08:32:29.442Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wpfront:wpfront_user_role_editor:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "F4B833FE-C391-4A48-91C1-93C46C7B93C1", "versionEndExcluding": "4.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The WPFront User Role Editor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.1.11184 via the wpfront_user_role_editor_assign_roles_user_autocomplete AJAX action. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract retrieve a list of all user email addresses who are registered on the site."}, {"lang": "es", "value": "El complemento WPFront User Role Editor para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n confidencial en todas las versiones hasta la 3.2.1.11184 incluida a trav\u00e9s de la acci\u00f3n AJAX wpfront_user_role_editor_assign_roles_user_autocomplete. Esto hace posible que los atacantes autenticados, con acceso de nivel de suscriptor y superior, extraigan y recuperen una lista de todas las direcciones de correo electr\u00f3nico de los usuarios que est\u00e1n registrados en el sitio."}], "id": "CVE-2024-2931", "lastModified": "2025-03-17T15:40:51.540", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-04-02T09:15:07.567", "references": [{"source": "security@wordfence.com", "tags": ["Product"], "url": "https://inky-knuckle-2c2.notion.site/WPFront-User-Role-Editor-Information-disclosure-7435b8340a004f5f8485cad375326b2c"}, {"source": "security@wordfence.com", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/changeset/3061241/wpfront-user-role-editor/trunk/includes/users/class-assign-migrate.php"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/078a0647-fc3a-436c-bf00-8776b16e66ff?source=cve"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product"], "url": "https://inky-knuckle-2c2.notion.site/WPFront-User-Role-Editor-Information-disclosure-7435b8340a004f5f8485cad375326b2c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/changeset/3061241/wpfront-user-role-editor/trunk/includes/users/class-assign-migrate.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/078a0647-fc3a-436c-bf00-8776b16e66ff?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}