
CVE-2023-5559

10Web Booster < 2.24.18 - Unauthenticated Arbitrary Option Deletion

Severity Score

9.1
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The 10Web Booster WordPress plugin before 2.24.18 does not validate the option name given to some AJAX actions, allowing unauthenticated users to delete arbitrary options from the database, leading to denial of service.

The 10Web Booster WordPress plugin before 24.2.18 does not validate the option name given to some AJAX actions, which allows unauthenticated users to delete arbitrary options from the database, leading to denial of service.

The 10Web Booster – Website speed optimization, Cache & Page Speed optimizer plugin for WordPress is vulnerable to unauthorized loss of data due to insufficient validation on the option value being supplied to the two_init_flow_score and the two_init_flow_score functions hooked via nopriv AJAX in all versions up to, and including, 2.24.14. This makes it possible for unauthenticated attackers to delete arbitrary option values from the site.

*Credits: Krzysztof Zając, WPScan
CVSS Scores
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: None
  • Integrity: High
  • Availability: High

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: None
  • Integrity: Low
  • Availability: Low
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2023-10-12 CVE Reserved
  • 2023-10-29 CVE Published
  • 2024-08-02 CVE Updated
  • 2024-08-02 First Exploit
  • 2024-10-27 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-639: Authorization Bypass Through User-Controlled Key
CAPEC
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
10web | 10web Booster | < 2.24.18 | wordpress | Affected