CVE-2024-1716 - Vulnerability Details - OpenCVE

The Admin Bar Remover plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_form() function in all versions up to, and including, 1.0.2.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to enable or disable the admin bar on the front-end of the site.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Wordpress	Wordpress

No data.

No data.

References

Link	Providers
https://plugins.trac.wordpress.org/browser/admin-bar/trunk/Inc/Classes/AdminBarRemover.php#L81
https://plugins.trac.wordpress.org/changeset/2955636/admin-bar/trunk
https://www.wordfence.com/threat-intel/vulnerabilities/id/dfbf2556-0509-4d8a-8949-494c6bc82ea1?source=cve

History

No history.

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2024-05-02T16:52:45.931Z

Updated: 2024-08-01T18:48:21.796Z

Reserved: 2024-02-21T17:20:02.476Z

Link: CVE-2024-1716

Vulnrichment

Updated: 2024-08-01T18:48:21.796Z

NVD

Status : Awaiting Analysis

Published: 2024-05-02T17:15:12.810

Modified: 2024-11-21T08:51:09.123

Link: CVE-2024-1716

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-1716", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2024-02-21T17:20:02.476Z", "datePublished": "2024-05-02T16:52:45.931Z", "dateUpdated": "2024-08-01T18:48:21.796Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-05-02T16:52:45.931Z"}, "affected": [{"vendor": "litonice13", "product": "Admin Bar Editor \u2013 Hide Toolbar by User Roles", "versions": [{"version": "*", "status": "affected", "lessThanOrEqual": "1.0.2.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Admin Bar Remover plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_form() function in all versions up to, and including, 1.0.2.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to enable or disable the admin bar on the front-end of the site."}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dfbf2556-0509-4d8a-8949-494c6bc82ea1?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/admin-bar/trunk/Inc/Classes/AdminBarRemover.php#L81"}, {"url": "https://plugins.trac.wordpress.org/changeset/2955636/admin-bar/trunk"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Lucio S\u00e1"}], "timeline": [{"time": "2024-04-26T00:00:00.000+00:00", "lang": "en", "value": "Disclosed"}]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-1716", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-02T19:50:45.726772Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T18:01:36.106Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:48:21.796Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dfbf2556-0509-4d8a-8949-494c6bc82ea1?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/admin-bar/trunk/Inc/Classes/AdminBarRemover.php#L81", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset/2955636/admin-bar/trunk", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dfbf2556-0509-4d8a-8949-494c6bc82ea1?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/admin-bar/trunk/Inc/Classes/AdminBarRemover.php#L81", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset/2955636/admin-bar/trunk", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:48:21.796Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-1716", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-02T19:50:45.726772Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-02T19:50:52.839Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"credits": [{"lang": "en", "type": "finder", "value": "Lucio S\u00e1"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "litonice13", "product": "Admin Bar Editor \u2013 Hide Toolbar by User Roles", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "1.0.2.2"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2024-04-26T00:00:00.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dfbf2556-0509-4d8a-8949-494c6bc82ea1?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/admin-bar/trunk/Inc/Classes/AdminBarRemover.php#L81"}, {"url": "https://plugins.trac.wordpress.org/changeset/2955636/admin-bar/trunk"}], "descriptions": [{"lang": "en", "value": "The Admin Bar Remover plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_form() function in all versions up to, and including, 1.0.2.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to enable or disable the admin bar on the front-end of the site."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-05-02T16:52:45.931Z"}}}, "cveMetadata": {"cveId": "CVE-2024-1716", "state": "PUBLISHED", "dateUpdated": "2024-08-01T18:48:21.796Z", "dateReserved": "2024-02-21T17:20:02.476Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2024-05-02T16:52:45.931Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "The Admin Bar Remover plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_form() function in all versions up to, and including, 1.0.2.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to enable or disable the admin bar on the front-end of the site."}, {"lang": "es", "value": "El complemento Admin Bar Remover para WordPress es vulnerable a modificaciones no autorizadas de datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n update_form() en todas las versiones hasta la 1.0.2.2 incluida. Esto hace posible que los atacantes autenticados, con acceso a nivel de suscriptor y superior, habiliten o deshabiliten la barra de administraci\u00f3n en la interfaz del sitio."}], "id": "CVE-2024-1716", "lastModified": "2024-11-21T08:51:09.123", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "[email protected]", "type": "Secondary"}]}, "published": "2024-05-02T17:15:12.810", "references": [{"source": "[email protected]", "url": "https://plugins.trac.wordpress.org/browser/admin-bar/trunk/Inc/Classes/AdminBarRemover.php#L81"}, {"source": "[email protected]", "url": "https://plugins.trac.wordpress.org/changeset/2955636/admin-bar/trunk"}, {"source": "[email protected]", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dfbf2556-0509-4d8a-8949-494c6bc82ea1?source=cve"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://plugins.trac.wordpress.org/browser/admin-bar/trunk/Inc/Classes/AdminBarRemover.php#L81"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://plugins.trac.wordpress.org/changeset/2955636/admin-bar/trunk"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dfbf2556-0509-4d8a-8949-494c6bc82ea1?source=cve"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis"}