CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7380 – Geo Controller <= 8.6.9 - Missing Authorization to Authenticated (Subscriber+) Menu Creation/Deletion
https://notcve.org/view.php?id=CVE-2024-7380
The Geo Controller plugin for WordPress is vulnerable to unauthorized menu creation/deletion due to missing capability checks on the ajax__geolocate_menu and ajax__geolocate_remove_menu functions in all versions up to, and including, 8.6.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create or delete WordPress menus. The Geo Controller plugin for WordPress is vulnerable to unauthorized menu creation/deletion due to missing capability checks on the ajax__geolocate_menu and ajax__geolocate_remove_menu functions in all versions up to, and including, 8.7.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create or delete WordPress menus. • https://plugins.trac.wordpress.org/browser/cf-geoplugin/tags/8.6.9/inc/classes/Menus.php#L519 https://plugins.trac.wordpress.org/browser/cf-geoplugin/tags/8.6.9/inc/classes/Menus.php#L606 https://www.wordfence.com/threat-intel/vulnerabilities/id/280e1b4d-08be-4e77-abcb-5f9079111595?source=cve • CWE-862: Missing Authorization •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7381 – Geo Controller <= 8.6.9 - Missing Authorization to Unauthenticated Shortcode Execution
https://notcve.org/view.php?id=CVE-2024-7381
The Geo Controller plugin for WordPress is vulnerable to unauthorized shortcode execution due to missing authorization and capability checks on the ajax__shortcode_cache function in all versions up to, and including, 8.6.9. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes available on the target site. • https://plugins.trac.wordpress.org/browser/cf-geoplugin/tags/8.6.9/inc/classes/Shortcodes.php#L1932 https://www.wordfence.com/threat-intel/vulnerabilities/id/4ed7b13a-eec3-4035-8815-15228fb05af1?source=cve • CWE-862: Missing Authorization •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-3591 – WordPress Geo Controller < 8.6.5 - PHP Object Injection
https://notcve.org/view.php?id=CVE-2024-3591
The Geo Controller WordPress plugin before 8.6.5 unserializes user input via some of its AJAX actions and REST API routes, which could allow unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the blog. El complemento Geo Controller WordPress anterior a 8.6.5 deserializa la entrada del usuario a través de algunas de sus acciones AJAX y rutas API REST, lo que podría permitir a usuarios no autenticados realizar inyección de objetos PHP cuando hay un gadget adecuado presente en el blog. The Geo Controller plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 8.6.4 via deserialization of untrusted input supplied via the '/cache/shortcode' REST API route. This makes it possible for unauthenticated attackers to inject a PHP Object. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. • https://wpscan.com/vulnerability/f85d8b61-eaeb-433c-b857-06ee4db5c7d5 • CWE-502: Deserialization of Untrusted Data •