CVE-2024-3602

The Pop ups, Exit intent popups, email popups, banners, bars, countdowns and cart savers – Promolayer plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the disconnect_promolayer function in all versions up to, and including, 1.1.0. This makes it possible for authenticated attackers, with subscriber access or higher, to remove the Promolayer connection.

CVSS v3 4.3 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://plugins.trac.wordpress.org/browser/promolayer-popup-builder/trunk/admin/class-promolayer-admin.php#L208	Product
https://www.wordfence.com/threat-intel/vulnerabilities/id/05b051bc-3b1c-412e-b3d0-98ff2c8bc06e?source=cve	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:promolayer:popup_builder:*:*:*:*:*:wordpress:*:*

History

No history.

Information

Published : 2024-06-20 02:15

Updated : 2024-07-15 16:50

NVD link : CVE-2024-3602

Mitre link : CVE-2024-3602

CVE.ORG link : CVE-2024-3602

JSON object : View

Products Affected

promolayer

popup_builder

CWE

CWE-862

Missing Authorization

{"id": "CVE-2024-3602", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "security@wordfence.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2024-06-20T02:15:10.590", "references": [{"url": "https://plugins.trac.wordpress.org/browser/promolayer-popup-builder/trunk/admin/class-promolayer-admin.php#L208", "tags": ["Product"], "source": "security@wordfence.com"}, {"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/05b051bc-3b1c-412e-b3d0-98ff2c8bc06e?source=cve", "tags": ["Third Party Advisory"], "source": "security@wordfence.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "The Pop ups, Exit intent popups, email popups, banners, bars, countdowns and cart savers \u2013 Promolayer plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the disconnect_promolayer function in all versions up to, and including, 1.1.0. This makes it possible for authenticated attackers, with subscriber access or higher, to remove the Promolayer connection."}, {"lang": "es", "value": "El complemento Pop ups, Exit intent popups, email popups, banners, bars, countdowns and cart savers \u2013 Promolayer para WordPress es vulnerable a actualizaciones no autorizadas de la configuraci\u00f3n del complemento debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n de desconexi\u00f3n_promolayer en todas las versiones hasta, e incluyendo, 1.1.0. Esto hace posible que atacantes autenticados, con acceso de suscriptor o superior, eliminen la conexi\u00f3n de Promolayer."}], "lastModified": "2024-07-15T16:50:36.190", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:promolayer:popup_builder:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "1E7A110C-D1CE-4C9F-9C3F-A8422DDD0505", "versionEndIncluding": "1.1.0"}], "operator": "OR"}]}], "sourceIdentifier": "security@wordfence.com"}