{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-6695", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "state": "PUBLISHED", "assignerShortName": "WPScan", "dateReserved": "2024-07-11T15:11:55.425Z", "datePublished": "2024-07-31T06:00:04.649Z", "dateUpdated": "2024-07-31T15:06:31.038Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2024-07-31T06:00:04.649Z"}, "title": "profile-builder <= 3.11.8 - Unauthenticated Privilege Escalation", "problemTypes": [{"descriptions": [{"description": "CWE-287 Improper Authentication", "lang": "en", "type": "CWE"}]}], "affected": [{"vendor": "Unknown", "product": "User Profile Builder", "versions": [{"status": "affected", "versionType": "semver", "version": "0", "lessThan": "3.11.9"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "it's possible for an attacker to gain administrative access without having any kind of account on the targeted site and perform unauthorized actions. This is due to improper logic flow on the user registration process."}], "references": [{"url": "https://wpscan.com/vulnerability/4afa5c85-ce27-4ca7-bba2-61fb39c53a5b/", "tags": ["exploit", "vdb-entry", "technical-description"]}], "credits": [{"lang": "en", "value": "John Castro", "type": "finder"}, {"lang": "en", "value": "WPScan", "type": "coordinator"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "WPScan CVE Generator"}}, "adp": [{"affected": [{"vendor": "cozmoslabs", "product": "profile_builder", "cpes": ["cpe:2.3:a:cozmoslabs:profile_builder:*:*:*:*:*:wordpress:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThan": "3.11.9", "versionType": "semver"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-07-31T15:04:31.418676Z", "id": "CVE-2024-6695", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-31T15:06:31.038Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-6695", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-31T15:04:31.418676Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:cozmoslabs:profile_builder:*:*:*:*:*:wordpress:*:*"], "vendor": "cozmoslabs", "product": "profile_builder", "versions": [{"status": "affected", "version": "0", "lessThan": "3.11.9", "versionType": "semver"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-31T15:04:50.170Z"}}], "cna": {"title": "profile-builder <= 3.11.8 - Unauthenticated Privilege Escalation", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "John Castro"}, {"lang": "en", "type": "coordinator", "value": "WPScan"}], "affected": [{"vendor": "Unknown", "product": "User Profile Builder", "versions": [{"status": "affected", "version": "0", "lessThan": "3.11.9", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://wpscan.com/vulnerability/4afa5c85-ce27-4ca7-bba2-61fb39c53a5b/", "tags": ["exploit", "vdb-entry", "technical-description"]}], "x_generator": {"engine": "WPScan CVE Generator"}, "descriptions": [{"lang": "en", "value": "it's possible for an attacker to gain administrative access without having any kind of account on the targeted site and perform unauthorized actions. This is due to improper logic flow on the user registration process."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-287 Improper Authentication"}]}], "providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2024-07-31T06:00:04.649Z"}}}, "cveMetadata": {"cveId": "CVE-2024-6695", "state": "PUBLISHED", "dateUpdated": "2024-07-31T15:06:31.038Z", "dateReserved": "2024-07-11T15:11:55.425Z", "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "datePublished": "2024-07-31T06:00:04.649Z", "assignerShortName": "WPScan"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cozmoslabs:profile_builder:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "EC720AB1-5146-4426-89D3-A6C0A09E456C", "versionEndExcluding": "3.11.9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "it's possible for an attacker to gain administrative access without having any kind of account on the targeted site and perform unauthorized actions. This is due to improper logic flow on the user registration process."}, {"lang": "es", "value": " Es posible que un atacante obtenga acceso administrativo sin tener ning\u00fan tipo de cuenta en el sitio objetivo y realice acciones no autorizadas. Esto se debe a un flujo l\u00f3gico inadecuado en el proceso de registro de usuarios."}], "id": "CVE-2024-6695", "lastModified": "2026-01-02T20:18:13.287", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-07-31T06:15:04.237", "references": [{"source": "contact@wpscan.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/4afa5c85-ce27-4ca7-bba2-61fb39c53a5b/"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}