CVE-2023-6966

The The Moneytizer plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on multiple AJAX functions in the /core/core_ajax.php file in all versions up to, and including, 9.5.20. This makes it possible for authenticated attackers, with subscriber access and above, to update and retrieve billing and bank details, update and reset the plugin's settings, and update languages as well as other lower-severity actions.

CVSS v3 8.1 HIGH

8.1^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://plugins.trac.wordpress.org/browser/the-moneytizer/trunk/core/core_ajax.php	Patch
https://www.wordfence.com/threat-intel/vulnerabilities/id/71823e36-3899-4253-a1d2-c6f8921d18dc?source=cve	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:themoneytizer:the_moneytizer:*:*:*:*:*:wordpress:*:*

History

No history.

Information

Published : 2024-06-06 02:15

Updated : 2024-07-15 18:55

NVD link : CVE-2023-6966

Mitre link : CVE-2023-6966

CVE.ORG link : CVE-2023-6966

JSON object : View

Products Affected

themoneytizer

the_moneytizer

CWE

CWE-862

Missing Authorization

{"id": "CVE-2023-6966", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "security@wordfence.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.8}]}, "published": "2024-06-06T02:15:52.607", "references": [{"url": "https://plugins.trac.wordpress.org/browser/the-moneytizer/trunk/core/core_ajax.php", "tags": ["Patch"], "source": "security@wordfence.com"}, {"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/71823e36-3899-4253-a1d2-c6f8921d18dc?source=cve", "tags": ["Third Party Advisory"], "source": "security@wordfence.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "The The Moneytizer plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on multiple AJAX functions in the /core/core_ajax.php file in all versions up to, and including, 9.5.20. This makes it possible for authenticated attackers, with subscriber access and above, to update and retrieve billing and bank details, update and reset the plugin's settings, and update languages as well as other lower-severity actions."}, {"lang": "es", "value": "El complemento The Moneytizer para WordPress es vulnerable al acceso no autorizado a datos, modificaci\u00f3n de datos y p\u00e9rdida de datos debido a una falta de verificaci\u00f3n de capacidad en m\u00faltiples funciones AJAX en el archivo /core/core_ajax.php en todas las versiones hasta, e incluyendo, 9.5.20. Esto hace posible que atacantes autenticados, con acceso de suscriptor y superior, actualicen y recuperen detalles bancarios y de facturaci\u00f3n, actualicen y restablezcan la configuraci\u00f3n del complemento y actualicen idiomas, as\u00ed como otras acciones de menor gravedad."}], "lastModified": "2024-07-15T18:55:57.513", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:themoneytizer:the_moneytizer:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "80061CEE-BA8D-4D0D-9105-80A52D957F76", "versionEndExcluding": "10.0.1"}], "operator": "OR"}]}], "sourceIdentifier": "security@wordfence.com"}