{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-7856", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2024-08-15T17:01:22.836Z", "datePublished": "2024-08-29T03:52:57.401Z", "dateUpdated": "2024-08-29T14:07:23.168Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-08-29T03:52:57.401Z"}, "affected": [{"vendor": "sonaar", "product": "MP3 Audio Player \u2013 Music Player, Podcast Player & Radio by Sonaar", "versions": [{"version": "*", "status": "affected", "lessThanOrEqual": "5.7.0.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The MP3 Audio Player \u2013 Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to unauthorized arbitrary file deletion due to a missing capability check on the removeTempFiles() function and insufficient path validation on the 'file' parameter in all versions up to, and including, 5.7.0.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary files which can make remote code execution possible when wp-config.php is deleted."}], "title": "MP3 Audio Player \u2013 Music Player, Podcast Player & Radio by Sonaar <= 5.7.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Deletion", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/43adc9dd-1780-440f-90c2-ff05a22eb084?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/mp3-music-player-by-sonaar/tags/5.7.0.1/includes/class-sonaar-music.php#L755"}, {"url": "https://plugins.trac.wordpress.org/changeset/3142445/mp3-music-player-by-sonaar/trunk/includes/class-sonaar-music.php"}, {"url": "https://plugins.trac.wordpress.org/browser/mp3-music-player-by-sonaar/tags/5.7.0.1/includes/class-sonaar-music.php#L739"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization", "cweId": "CWE-862", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "baseScore": 9.1, "baseSeverity": "CRITICAL"}}], "credits": [{"lang": "en", "type": "finder", "value": "Arkadiusz Hydzik"}], "timeline": [{"time": "2024-08-28T00:00:00.000+00:00", "lang": "en", "value": "Disclosed"}]}, "adp": [{"affected": [{"vendor": "sonaar", "product": "mp3_audio_player_for_music\\,_radio_\\&_podcast", "cpes": ["cpe:2.3:a:sonaar:mp3_audio_player_for_music\\,_radio_\\&_podcast:-:*:*:*:*:wordpress:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "5.7.0.1", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-29T14:04:58.469120Z", "id": "CVE-2024-7856", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-29T14:07:23.168Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-7856", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-29T14:04:58.469120Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:sonaar:mp3_audio_player_for_music\\,_radio_\\&_podcast:-:*:*:*:*:wordpress:*:*"], "vendor": "sonaar", "product": "mp3_audio_player_for_music\\,_radio_\\&_podcast", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "5.7.0.1"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-29T14:07:18.633Z"}}], "cna": {"title": "MP3 Audio Player \u2013 Music Player, Podcast Player & Radio by Sonaar <= 5.7.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Deletion", "credits": [{"lang": "en", "type": "finder", "value": "Arkadiusz Hydzik"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}}], "affected": [{"vendor": "sonaar", "product": "MP3 Audio Player \u2013 Music Player, Podcast Player & Radio by Sonaar", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "5.7.0.1"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2024-08-28T00:00:00.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/43adc9dd-1780-440f-90c2-ff05a22eb084?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/mp3-music-player-by-sonaar/tags/5.7.0.1/includes/class-sonaar-music.php#L755"}, {"url": "https://plugins.trac.wordpress.org/changeset/3142445/mp3-music-player-by-sonaar/trunk/includes/class-sonaar-music.php"}, {"url": "https://plugins.trac.wordpress.org/browser/mp3-music-player-by-sonaar/tags/5.7.0.1/includes/class-sonaar-music.php#L739"}], "descriptions": [{"lang": "en", "value": "The MP3 Audio Player \u2013 Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to unauthorized arbitrary file deletion due to a missing capability check on the removeTempFiles() function and insufficient path validation on the 'file' parameter in all versions up to, and including, 5.7.0.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary files which can make remote code execution possible when wp-config.php is deleted."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-08-29T03:52:57.401Z"}}}, "cveMetadata": {"cveId": "CVE-2024-7856", "state": "PUBLISHED", "dateUpdated": "2024-08-29T14:07:23.168Z", "dateReserved": "2024-08-15T17:01:22.836Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2024-08-29T03:52:57.401Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sonaar:mp3_audio_player_for_music\\,_radio_\\&_podcast:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "956198A1-8573-4706-8954-F7ECA57A4DC8", "versionEndExcluding": "5.7.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The MP3 Audio Player \u2013 Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to unauthorized arbitrary file deletion due to a missing capability check on the removeTempFiles() function and insufficient path validation on the 'file' parameter in all versions up to, and including, 5.7.0.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary files which can make remote code execution possible when wp-config.php is deleted."}, {"lang": "es", "value": "El complemento MP3 Audio Player \u2013 Music Player, Podcast Player &amp; Radio de Sonaar para WordPress es vulnerable a la eliminaci\u00f3n arbitraria de archivos no autorizada debido a una verificaci\u00f3n de capacidad faltante en la funci\u00f3n removeTempFiles() y una validaci\u00f3n de ruta insuficiente en el par\u00e1metro 'file' en todas las versiones hasta la 5.7.0.1 incluida. Esto hace posible que atacantes autenticados, con acceso de nivel de suscriptor y superior, eliminen archivos arbitrarios que pueden hacer posible la ejecuci\u00f3n remota de c\u00f3digo cuando se elimina wp-config.php."}], "id": "CVE-2024-7856", "lastModified": "2024-09-13T18:14:47.280", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2024-08-29T11:15:29.173", "references": [{"source": "security@wordfence.com", "tags": ["Product"], "url": "https://plugins.trac.wordpress.org/browser/mp3-music-player-by-sonaar/tags/5.7.0.1/includes/class-sonaar-music.php#L739"}, {"source": "security@wordfence.com", "tags": ["Product"], "url": "https://plugins.trac.wordpress.org/browser/mp3-music-player-by-sonaar/tags/5.7.0.1/includes/class-sonaar-music.php#L755"}, {"source": "security@wordfence.com", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/changeset/3142445/mp3-music-player-by-sonaar/trunk/includes/class-sonaar-music.php"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/43adc9dd-1780-440f-90c2-ff05a22eb084?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@wordfence.com", "type": "Primary"}]}

{}