CVE-2024-3729 – Frontend Admin by DynamiApps <= 3.19.4 - Improper Missing Encryption Exception Handling to Form Manipulation
https://notcve.org/view.php?id=CVE-2024-3729
The Frontend Admin by DynamiApps plugin for WordPress fails open in its 'fea_encrypt' helper in all versions up to, and including, 3.19.4: when the PHP 'openssl' extension is not loaded, the function does not refuse to continue, and form data that the encryption was meant to protect is processed without that protection (CWE-636, failing open). This makes it possible for unauthenticated attackers to manipulate the user processing forms, which can be used to add and edit administrator users for privilege escalation, or to automatically log in users for authentication bypass, or to manipulate the post processing form, which can be used to inject arbitrary web scripts. The issue is only exploitable if the 'openssl' PHP extension is not loaded on the server; when assessing a host, check the extension list of the SAPI that actually serves the site (for example `php -m` for the CLI, or phpinfo() output under php-fpm/mod_php), since CLI and web configurations can differ. • https://plugins.trac.wordpress.org/browser/acf-frontend-form-element/tags/3.18.15/main/helpers.php#L617 https://plugins.trac.wordpress.org/changeset/3073379/acf-frontend-form-element#file4 https://www.wordfence.com/threat-intel/vulnerabilities/id/a2d22c5d-5ef5-4920-a1b5-e8284394c7e8?source=cve • CWE-636: Not Failing Securely ('Failing Open') •
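The following is an added illustration of the fail-open pattern that CWE-636 describes, not the plugin's fea_encrypt code (its internals are not reproduced here). The function names, the token layout and the sample secret are assumptions; `$openssl_available` stands in for `extension_loaded('openssl')` so that both server states can be exercised in one run. The fail-open helper degrades to plain base64 when the extension is missing, so anyone can mint a "protected" value; the fail-closed helper refuses to run without openssl and authenticates the ciphertext with an HMAC so that tampering is also detected.

```php
<?php
// Added demo of a fail-open vs fail-closed encryption wrapper (CWE-636).
// NOT the plugin's code; names, token format and secret are assumptions.
declare(strict_types=1);

const DEMO_SECRET = 'constructed-demo-secret-do-not-reuse';   // constructed sample secret

// --- Fail-open variant -----------------------------------------------------
// When openssl is unavailable the "protected" token is just base64 of the
// plaintext, and the matching opener trusts whatever it decodes.
function seal_fail_open(string $data, bool $openssl_available): string
{
    if (!$openssl_available) {
        return base64_encode($data);                 // falls open: no secrecy, no integrity
    }
    $iv = random_bytes(16);
    $ct = openssl_encrypt($data, 'aes-256-cbc', hash('sha256', DEMO_SECRET, true), OPENSSL_RAW_DATA, $iv);
    return base64_encode($iv . $ct);
}

function open_fail_open(string $token, bool $openssl_available): string
{
    $raw = base64_decode($token, true);
    if ($raw === false) {
        throw new RuntimeException('bad token');
    }
    if (!$openssl_available) {
        return $raw;                                 // accepts any attacker-supplied value
    }
    $pt = openssl_decrypt(substr($raw, 16), 'aes-256-cbc', hash('sha256', DEMO_SECRET, true),
                          OPENSSL_RAW_DATA, substr($raw, 0, 16));
    if ($pt === false) {
        throw new RuntimeException('decrypt failed');
    }
    return $pt;
}

// --- Fail-closed variant ---------------------------------------------------
// Refuses to operate without openssl and uses encrypt-then-MAC, so a forged
// or modified token is rejected rather than silently accepted.
function require_openssl(): void
{
    if (!extension_loaded('openssl')) {
        throw new RuntimeException('openssl extension required; refusing to continue');
    }
}

function seal_fail_closed(string $data): string
{
    require_openssl();
    $enc_key = hash('sha256', 'enc|' . DEMO_SECRET, true);
    $mac_key = hash('sha256', 'mac|' . DEMO_SECRET, true);
    $iv = random_bytes(16);
    $ct = openssl_encrypt($data, 'aes-256-cbc', $enc_key, OPENSSL_RAW_DATA, $iv);
    if ($ct === false) {
        throw new RuntimeException('encrypt failed');
    }
    $mac = hash_hmac('sha256', $iv . $ct, $mac_key, true);
    return base64_encode($mac . $iv . $ct);
}

function open_fail_closed(string $token): string
{
    require_openssl();
    $raw = base64_decode($token, true);
    if ($raw === false || strlen($raw) < 32 + 16) {
        throw new RuntimeException('bad token');
    }
    $enc_key = hash('sha256', 'enc|' . DEMO_SECRET, true);
    $mac_key = hash('sha256', 'mac|' . DEMO_SECRET, true);
    [$mac, $iv, $ct] = [substr($raw, 0, 32), substr($raw, 32, 16), substr($raw, 48)];
    if (!hash_equals(hash_hmac('sha256', $iv . $ct, $mac_key, true), $mac)) {
        throw new RuntimeException('token forged or tampered');
    }
    $pt = openssl_decrypt($ct, 'aes-256-cbc', $enc_key, OPENSSL_RAW_DATA, $iv);
    if ($pt === false) {
        throw new RuntimeException('decrypt failed');
    }
    return $pt;
}

// --- Demo ------------------------------------------------------------------
$forged = base64_encode('{"role":"administrator"}');    // constructed attacker-supplied token

// Fail-open helper on a host without openssl: the forgery is accepted verbatim.
echo "fail-open, no openssl : ", open_fail_open($forged, false), PHP_EOL;

// Fail-closed helper: rejected whether openssl is present (bad token) or absent (refuses to run).
try {
    echo open_fail_closed($forged), PHP_EOL;
} catch (RuntimeException $e) {
    echo "fail-closed           : rejected (", $e->getMessage(), ")", PHP_EOL;
}

// Legitimate round-trip only works where openssl is actually loaded.
if (extension_loaded('openssl')) {
    echo "fail-closed round-trip: ", open_fail_closed(seal_fail_closed('{"role":"subscriber"}')), PHP_EOL;
}
```

Run it with `php fail_open_demo.php` on a host with and without the extension; the point to take away is that the fail-closed path turns a missing dependency into an error that surfaces at deploy time, rather than into a silent downgrade that only an attacker notices.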
CVE-2023-51411 – WordPress Frontend Admin by DynamiApps Plugin <= 3.18.3 is vulnerable to Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2023-51411
Unrestricted Upload of File with Dangerous Type vulnerability in Shabti Kaplan Frontend Admin by DynamiApps. This issue affects Frontend Admin by DynamiApps: from n/a through 3.18.3. The plugin is vulnerable to arbitrary file uploads due to missing file type validation in the 'ajax_add_attachment' function in all versions up to, and including, 3.18.3. This makes it possible for unauthenticated attackers to upload arbitrary files to the affected site's server, which may make remote code execution possible if the uploaded file is reachable under the web root and executed by the server. • https://patchstack.com/database/vulnerability/acf-frontend-form-element/wordpress-frontend-admin-by-dynamiapps-plugin-3-18-3-unauthenticated-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
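As an added example of the server-side check whose absence CWE-434 describes (this is not the plugin's code, and the allowlist, helper names and sample files are constructed for the demo), the validator below rejects an upload unless the extension is on an allowlist, the name carries no executable extension anywhere in it, and the bytes on disk sniff to the MIME type that extension is supposed to carry. The client-supplied Content-Type is deliberately ignored.

```php
<?php
// Added example of upload type validation (CWE-434). NOT the plugin's code;
// allowlist, function names and sample uploads are constructed for the demo.
declare(strict_types=1);

// Allowlist: extension => MIME type libmagic is expected to report for it.
const ALLOWED_TYPES = [
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'png'  => 'image/png',
    'gif'  => 'image/gif',
    'pdf'  => 'application/pdf',
];

// Extensions a web server might execute. Rejected wherever they appear in the
// name, which also catches "shell.php.jpg" on servers with multi-extension handling.
const EXECUTABLE_EXTS = ['php', 'php3', 'php4', 'php5', 'php7', 'phtml', 'phar', 'pht'];

/**
 * Returns null when the upload is acceptable, otherwise the rejection reason.
 * $client_name is the attacker-controlled original filename; $tmp_path is the
 * uploaded content on disk (the equivalent of $_FILES['file']['tmp_name']).
 */
function validate_upload(string $client_name, string $tmp_path): ?string
{
    $parts = explode('.', strtolower(basename($client_name)));
    if (count($parts) < 2) {
        return 'no extension';
    }
    $ext = array_pop($parts);
    foreach ($parts as $segment) {                       // every segment before the last one
        if (in_array($segment, EXECUTABLE_EXTS, true)) {
            return 'executable extension embedded in name';
        }
    }
    if (!isset(ALLOWED_TYPES[$ext])) {
        return "extension .$ext not in allowlist";
    }
    // Sniff the bytes; never trust the client-supplied Content-Type header.
    $finfo = finfo_open(FILEINFO_MIME_TYPE);
    $mime  = finfo_file($finfo, $tmp_path);
    finfo_close($finfo);
    if ($mime !== ALLOWED_TYPES[$ext]) {
        return "content is $mime, expected " . ALLOWED_TYPES[$ext];
    }
    return null;
}

// Constructed sample uploads: a PHP file, PHP content behind an image extension,
// a real JPEG header with a double extension, and a legitimate JPEG header.
$jpeg_header = "\xFF\xD8\xFF\xE0\x00\x10JFIF\x00";
$samples = [
    'shell.php'     => "<?php echo 'not an image'; ?>",
    'avatar.jpg'    => "<?php echo 'not an image'; ?>",
    'shell.php.jpg' => $jpeg_header,
    'photo.jpg'     => $jpeg_header,
];

foreach ($samples as $name => $bytes) {
    $tmp = tempnam(sys_get_temp_dir(), 'upl');
    file_put_contents($tmp, $bytes);
    $verdict = validate_upload($name, $tmp);
    printf("%-15s %s\n", $name, $verdict ?? 'accepted');
    unlink($tmp);
}
```

Only the last sample passes: the first fails the allowlist, the second fails the content sniff (libmagic reports PHP source, not an image), and the third fails the embedded-extension rule. In a WordPress handler the equivalents are wp_check_filetype_and_ext() and wp_handle_upload() with an explicit `mimes` allowlist; independently of type checks, the handler should require a nonce and a capability (check_ajax_referer(), current_user_can()) and store the file under a server-chosen random name.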
CVE-2022-4974 – Freemius SDK <= 2.4.2 - Missing Authorization Checks
https://notcve.org/view.php?id=CVE-2022-4974
The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and information disclosure due to missing capability checks and nonce protection on the _get_debug_log, _get_db_option, and _set_db_option functions in versions up to, and including, 2.4.2. Any WordPress plugin or theme bundling a Freemius SDK version below 2.4.3 is vulnerable; because the SDK ships inside each product, the fix reaches a site only when every affected plugin or theme on it is updated, not through a single SDK update. • https://www.wordfence.com/threat-intel/vulnerabilities/id/39fb0499-9ab4-4a2f-b0db-ece86bcf4d42?source=cve https://wpscan.com/vulnerability/6dae6dca-7474-4008-9fe5-4c62b9f12d0a https://freemius.com/blog/managing-security-issues-open-source-freemius-sdk-security-disclosure https://wpdirectory.net/search/01FWPVWA7BC5DYGZHNSZQ9QMN5 https://wpdirectory.net/search/01G02RSGMFS1TPT63FS16RWEYR https://web.archive.org/web/20220225174410/https%3A//www.pluginvulnerabilities.com/2022/02/25/our-security-review-of-wordpress-plugin-found-freemius-li • CWE-862: Missing Authorization •
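The following added example shows the two checks the advisory says were missing, a capability check and a nonce check, placed in front of a privileged option read/write. It is not Freemius SDK code: the dispatcher, the option store, the sample requests and the simplified HMAC nonce (a stand-in for wp_create_nonce()/wp_verify_nonce()) are all constructed for the demo.

```php
<?php
// Added example of capability + nonce gating for privileged AJAX-style actions
// (CWE-862). NOT Freemius SDK code; everything below is constructed for the demo.
declare(strict_types=1);

const SITE_SECRET = 'constructed-demo-secret';          // stands in for the site's salts

// Simplified nonce: HMAC over a 12-hour tick, the action and the user id.
// WordPress's wp_create_nonce() follows the same idea with its own hash and length.
function make_nonce(string $action, int $user_id): string
{
    $tick = intdiv(time(), 43200);
    return substr(hash_hmac('sha256', "$tick|$action|$user_id", SITE_SECRET), -12);
}

function verify_nonce(string $nonce, string $action, int $user_id): bool
{
    $tick = intdiv(time(), 43200);
    foreach ([$tick, $tick - 1] as $t) {                // current and previous window
        $expected = substr(hash_hmac('sha256', "$t|$action|$user_id", SITE_SECRET), -12);
        if (hash_equals($expected, $nonce)) {
            return true;
        }
    }
    return false;
}

// Constructed stand-ins for the privileged _get_db_option/_set_db_option operations.
function get_db_option(array $options, string $name): ?string
{
    return $options[$name] ?? null;
}

function set_db_option(array &$options, string $name, string $value): void
{
    $options[$name] = $value;
}

// Vulnerable dispatcher: performs whatever the request asks for, for anyone.
function handle_vulnerable(array $req, array &$options): string
{
    if ($req['action'] === 'get_db_option') {
        return (string) get_db_option($options, $req['name']);
    }
    set_db_option($options, $req['name'], $req['value'] ?? '');
    return 'ok';
}

// Hardened dispatcher: authorization, then CSRF protection, then the action.
function handle_hardened(array $req, array &$options, array $user): string
{
    if (!in_array('manage_options', $user['caps'], true)) {   // current_user_can('manage_options')
        return 'denied: insufficient capability';
    }
    if (!verify_nonce($req['_nonce'] ?? '', $req['action'], $user['id'])) {  // check_ajax_referer()
        return 'denied: invalid nonce';
    }
    return handle_vulnerable($req, $options);              // original logic, now behind the checks
}

// Constructed site state and actors.
$options    = ['admin_email' => 'owner@example.test', 'users_can_register' => '0'];
$subscriber = ['id' => 7, 'caps' => ['read']];
$admin      = ['id' => 1, 'caps' => ['read', 'manage_options']];
$req        = ['action' => 'get_db_option', 'name' => 'admin_email'];

// 1. Vulnerable path: a low-privileged or CSRF-lured caller reads the option.
echo "vulnerable: ", handle_vulnerable($req, $options), PHP_EOL;
// 2. Hardened path, subscriber: refused on capability.
echo "hardened  : ", handle_hardened($req, $options, $subscriber), PHP_EOL;
// 3. Hardened path, administrator without a nonce (the CSRF case): refused.
echo "hardened  : ", handle_hardened($req, $options, $admin), PHP_EOL;
// 4. Hardened path, administrator with a valid nonce: allowed.
$req['_nonce'] = make_nonce($req['action'], $admin['id']);
echo "hardened  : ", handle_hardened($req, $options, $admin), PHP_EOL;
```

Both checks are needed: a nonce is only a CSRF defence bound to the user who requested it and does not by itself establish that the user may perform the action, while a capability check alone still lets a logged-in administrator be tricked into issuing the request from a third-party page. In a real WordPress handler the two lines map onto current_user_can() and check_ajax_referer() at the top of the callback.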