Controlled Admin Access WordPress Plugin <= 1.4.0 - Improper Access Control & Privilege Escalation

| CVE | Category | Price | Severity |
|---|---|---|---|
| CVE-2021-24215 | CWE-284 | Unknown | High |

| Author | Risk | Exploitation Type | Date |
|---|---|---|---|
| Unknown | High | Remote | 2021-03-23 |
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2021030159

Below is a copy:

Controlled Admin Access WordPress Plugin <= 1.4.0 - Improper Access Control & Privilege Escalation
/*!
- # VULNERABILITY: Controlled Admin Access WordPress Plugin <= 1.4.0 - Improper Access Control & Privilege Escalation
- # GOOGLE DORK: inurl:/wp-content/plugins/controlled-admin-access/
- # DATE: 2021-03-18
- # SECURITY RESEARCHER: m0ze [ https://m0ze.ru ]
- # VENDOR: WPRuby [ https://wpruby.com ]
- # SOFTWARE VERSION: <= 1.4.0
- # SOFTWARE LINK: https://wordpress.org/plugins/controlled-admin-access/
- # CVSS: AV:N/AC:L/PR:L/UI:N/S:U
- # CWE: CWE-284
- # CVE: CVE-2021-24215
*/



### -- [ Info: ]

[i] An Improper Access Control vulnerability was discovered in the Controlled Admin Access plugin through 1.4.0 for WordPress.

[i] Uncontrolled access to the website customization functionality and the global CMS settings, such as /wp-admin/customize.php and /wp-admin/options.php, can lead to a complete compromise of the target resource.

[i] Even with the maximum restrictions applied to a temporary administrator account, several attack vectors remain against the targeted website; the simplest and fastest is raising the account's privileges to the unrestricted administrator level and taking full control of the attacked website.



### -- [ Impact: ]

[~] Full compromise of the vulnerable web application and of the web server as well.



### -- [ PoC #1 | Improper Access Control | Customize: ]

[!] https://example.com/wp-admin/customize.php



### -- [ PoC #2 | Improper Access Control | All Settings: ]

[!] https://example.com/wp-admin/options.php
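The two PoC URLs above illustrate the core defect: taking menu entries away from a temporary administrator changes only the UI, while the pages behind them still answer to any account that passes WordPress's own capability checks. The mitigation is to make the restriction part of the authorization decision itself. The following must-use plugin is an added example written for this page, not code from the Controlled Admin Access plugin or its vendor. It assumes that restricted temporary accounts carry a user meta key named tmp_admin_restricted with the value "1"; that key is hypothetical, since the page does not say how the plugin tags its accounts.

```php
<?php
/**
 * Plugin Name: Enforce Temporary Admin Restrictions (added example)
 * Description: Server-side capability enforcement for restricted temporary admin accounts.
 *
 * Place this file in wp-content/mu-plugins/ so it loads before regular plugins.
 * ASSUMPTION: restricted temporary accounts carry the user meta key
 * "tmp_admin_restricted" set to "1". The key is hypothetical; the plugin in the
 * advisory may mark its accounts differently, so adapt eta_is_restricted_user().
 */

if ( ! defined( 'ABSPATH' ) ) {
    exit;
}

/**
 * Capabilities gating the pages named in the advisory:
 *  - manage_options     -> /wp-admin/options.php and the whole Settings area
 *  - customize          -> /wp-admin/customize.php
 *  - edit_theme_options -> theme/customizer changes (what "customize" maps to in core)
 */
function eta_restricted_caps() {
    return array( 'manage_options', 'customize', 'edit_theme_options' );
}

/** True when the user is a restricted temporary admin (per the assumed meta key). */
function eta_is_restricted_user( $user_id ) {
    return '1' === get_user_meta( (int) $user_id, 'tmp_admin_restricted', true );
}

/**
 * map_meta_cap runs inside every current_user_can() call, so a denial here covers
 * menu rendering, direct URL access, admin-ajax and REST handlers alike.
 * Hiding a menu item changes what is drawn; this changes what is allowed.
 */
function eta_deny_restricted_caps( $caps, $cap, $user_id, $args ) {
    if ( in_array( $cap, eta_restricted_caps(), true ) && eta_is_restricted_user( $user_id ) ) {
        // 'do_not_allow' is a pseudo-capability no role grants; returning it fails the check.
        return array( 'do_not_allow' );
    }
    return $caps;
}
add_filter( 'map_meta_cap', 'eta_deny_restricted_caps', 10, 4 );

/**
 * Defence in depth: refuse the two advisory pages outright for restricted accounts,
 * even if another plugin later short-circuits the capability check.
 */
function eta_block_direct_admin_pages() {
    global $pagenow;
    if ( in_array( $pagenow, array( 'options.php', 'customize.php' ), true )
         && is_user_logged_in()
         && eta_is_restricted_user( get_current_user_id() ) ) {
        wp_die(
            esc_html__( 'This temporary account may not change site settings.' ),
            esc_html__( 'Forbidden' ),
            array( 'response' => 403 )
        );
    }
}
add_action( 'admin_init', 'eta_block_direct_admin_pages' );
```

The map_meta_cap filter is the important half: it turns the restriction into a capability denial that every code path consults, so a restricted account cannot reach the settings form through options.php, the Customizer, the REST API or admin-ajax. The admin_init hook is only a second line of defence for the two specific pages in the PoC. Verify the change by logging in as a tagged temporary account and confirming that both PoC URLs return 403 and that wp_get_current_user()->has_cap('manage_options') is false.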



### -- [ Contacts: ]

[+] Website: m0ze.ru
[+] GitHub: @m0ze
[+] Telegram: @m0ze_ru
[+] Twitter: @vladm0ze
