CVE-2024-0866

Check & Log Email <= 1.0.9 - Unauthenticated Hook Injection

Severity Score

8.1

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track*

*SSVC

Descriptions

The Check & Log Email plugin for WordPress is vulnerable to Unauthenticated Hook Injection in all versions up to, and including, 1.0.9 via the check_nonce function. This makes it possible for unauthenticated attackers to execute actions with hooks in WordPress under certain circumstances. The action the attacker wishes to execute needs to have a nonce check, and the nonce needs to be known to the attacker. Furthermore, the absence of a capability check is a requirement.

El complemento Check & Log Email para WordPress es vulnerable a la inyección de gancho no autenticado en todas las versiones hasta la 1.0.9 incluida a través de la función check_nonce. Esto hace posible que atacantes no autenticados ejecuten acciones con ganchos en WordPress bajo ciertas circunstancias. La acción que el atacante desea ejecutar debe tener una verificación de nonce, y el atacante debe conocer el nonce. Además, es un requisito la ausencia de una verificación de capacidad.

*Credits: Sean Murphy

CVSS Scores

Wordfencev3.1 8.1

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track*

Exploitation

None

Automatable

Tech. Impact

Total

* Organization's Worst-case Scenario

Timeline

2024-01-24 CVE Reserved
2024-03-25 CVE Published
2024-03-26 EPSS Updated
2024-08-02 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-94: Improper Control of Generation of Code ('Code Injection')

CAPEC

References (2)

URL	Tag	Source
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3050794%40check-email&new=3050794%40check-email&sfp_email=&sfph_mail=
https://www.wordfence.com/threat-intel/vulnerabilities/id/9ae9307c-680c-43c7-8246-a3e6149c1fb6?source=cve

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Checkemail Search vendor "Checkemail"		Check & Log Email Search vendor "Checkemail" for product "Check & Log Email"				<= 1.0.9 Search vendor "Checkemail" for product "Check & Log Email" and version " <= 1.0.9"		en		Affected