CVE-2024-3602 - OpenCVE

The Pop ups, Exit intent popups, email popups, banners, bars, countdowns and cart savers – Promolayer plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the disconnect_promolayer function in all versions up to, and including, 1.1.0. This makes it possible for authenticated attackers, with subscriber access or higher, to remove the Promolayer connection.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Promolayer	Popup Builder

Configuration 1 [-]

cpe:2.3:a:promolayer:popup_builder:*:*:*:*:*:wordpress:*:*

No data.

References

Link	Providers
https://plugins.trac.wordpress.org/browser/promolayer-popup-builder/trunk/admin/class-promolayer-admin.php#L208
https://www.wordfence.com/threat-intel/vulnerabilities/id/05b051bc-3b1c-412e-b3d0-98ff2c8bc06e?source=cve

History

No history.

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2024-06-20T02:08:19.025Z

Updated: 2024-08-01T20:12:08.142Z

Reserved: 2024-04-10T16:22:09.131Z

Link: CVE-2024-3602

Vulnrichment

Updated: 2024-08-01T20:12:08.142Z

NVD

Status : Analyzed

Published: 2024-06-20T02:15:10.590

Modified: 2024-07-15T16:50:36.190

Link: CVE-2024-3602

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-3602", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2024-04-10T16:22:09.131Z", "datePublished": "2024-06-20T02:08:19.025Z", "dateUpdated": "2024-08-01T20:12:08.142Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-06-20T02:08:19.025Z"}, "affected": [{"vendor": "promolayerpopupbuilder", "product": "Pop ups, Exit intent popups, email popups, banners, bars, countdowns and cart savers \u2013 Promolayer", "versions": [{"version": "*", "status": "affected", "lessThanOrEqual": "1.1.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Pop ups, Exit intent popups, email popups, banners, bars, countdowns and cart savers \u2013 Promolayer plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the disconnect_promolayer function in all versions up to, and including, 1.1.0. This makes it possible for authenticated attackers, with subscriber access or higher, to remove the Promolayer connection."}], "title": "Pop ups, Exit intent popups, email popups, banners, bars, countdowns and cart savers \u2013 Promolayer <= 1.1.0 - Missing Authorization", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/05b051bc-3b1c-412e-b3d0-98ff2c8bc06e?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/promolayer-popup-builder/trunk/admin/class-promolayer-admin.php#L208"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Lucio S\u00e1"}], "timeline": [{"time": "2024-06-19T12:18:10.000+00:00", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-20T13:39:07.731351Z", "id": "CVE-2024-3602", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-20T13:39:33.237Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:12:08.142Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/05b051bc-3b1c-412e-b3d0-98ff2c8bc06e?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/promolayer-popup-builder/trunk/admin/class-promolayer-admin.php#L208", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/05b051bc-3b1c-412e-b3d0-98ff2c8bc06e?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/promolayer-popup-builder/trunk/admin/class-promolayer-admin.php#L208", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:12:08.142Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-3602", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-20T13:39:07.731351Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-20T13:39:29.758Z"}}], "cna": {"title": "Pop ups, Exit intent popups, email popups, banners, bars, countdowns and cart savers \u2013 Promolayer <= 1.1.0 - Missing Authorization", "credits": [{"lang": "en", "type": "finder", "value": "Lucio S\u00e1"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "promolayerpopupbuilder", "product": "Pop ups, Exit intent popups, email popups, banners, bars, countdowns and cart savers \u2013 Promolayer", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "1.1.0"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2024-06-19T12:18:10.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/05b051bc-3b1c-412e-b3d0-98ff2c8bc06e?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/promolayer-popup-builder/trunk/admin/class-promolayer-admin.php#L208"}], "descriptions": [{"lang": "en", "value": "The Pop ups, Exit intent popups, email popups, banners, bars, countdowns and cart savers \u2013 Promolayer plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the disconnect_promolayer function in all versions up to, and including, 1.1.0. This makes it possible for authenticated attackers, with subscriber access or higher, to remove the Promolayer connection."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-06-20T02:08:19.025Z"}}}, "cveMetadata": {"cveId": "CVE-2024-3602", "state": "PUBLISHED", "dateUpdated": "2024-08-01T20:12:08.142Z", "dateReserved": "2024-04-10T16:22:09.131Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2024-06-20T02:08:19.025Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:promolayer:popup_builder:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "1E7A110C-D1CE-4C9F-9C3F-A8422DDD0505", "versionEndIncluding": "1.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Pop ups, Exit intent popups, email popups, banners, bars, countdowns and cart savers \u2013 Promolayer plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the disconnect_promolayer function in all versions up to, and including, 1.1.0. This makes it possible for authenticated attackers, with subscriber access or higher, to remove the Promolayer connection."}, {"lang": "es", "value": "El complemento Pop ups, Exit intent popups, email popups, banners, bars, countdowns and cart savers \u2013 Promolayer para WordPress es vulnerable a actualizaciones no autorizadas de la configuraci\u00f3n del complemento debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n de desconexi\u00f3n_promolayer en todas las versiones hasta, e incluyendo, 1.1.0. Esto hace posible que atacantes autenticados, con acceso de suscriptor o superior, eliminen la conexi\u00f3n de Promolayer."}], "id": "CVE-2024-3602", "lastModified": "2024-07-15T16:50:36.190", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Primary"}]}, "published": "2024-06-20T02:15:10.590", "references": [{"source": "security@wordfence.com", "tags": ["Product"], "url": "https://plugins.trac.wordpress.org/browser/promolayer-popup-builder/trunk/admin/class-promolayer-admin.php#L208"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/05b051bc-3b1c-412e-b3d0-98ff2c8bc06e?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}]}