CVE-2024-8349

The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 6.1.0.1. This is due to the plugin not properly restricting what users a group leader can edit. This makes it possible for authenticated attackers, with group leader-level access and above, to change admin account email addresses which can subsequently lead to admin account access.

CVSS v3 7.2 HIGH

7.2^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/karlemilnikka/CVE-2024-8349-and-CVE-2024-8350	Third Party Advisory
https://www.wordfence.com/threat-intel/vulnerabilities/id/64cf0ae2-8d66-40d1-8bb6-0cab1dafab0d?source=cve	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:uncannyowl:uncanny_groups_for_learndash:*:*:*:*:*:wordpress:*:*

History

No history.

Information

Published : 2024-09-25 03:15

Updated : 2024-10-02 16:50

NVD link : CVE-2024-8349

Mitre link : CVE-2024-8349

CVE.ORG link : CVE-2024-8349

JSON object : View

Products Affected

uncannyowl

uncanny_groups_for_learndash

CWE

CWE-862

Missing Authorization

{"id": "CVE-2024-8349", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "security@wordfence.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2024-09-25T03:15:03.817", "references": [{"url": "https://github.com/karlemilnikka/CVE-2024-8349-and-CVE-2024-8350", "tags": ["Third Party Advisory"], "source": "security@wordfence.com"}, {"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/64cf0ae2-8d66-40d1-8bb6-0cab1dafab0d?source=cve", "tags": ["Third Party Advisory"], "source": "security@wordfence.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security@wordfence.com", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 6.1.0.1. This is due to the plugin not properly restricting what users a group leader can edit. This makes it possible for authenticated attackers, with group leader-level access and above, to change admin account email addresses which can subsequently lead to admin account access."}, {"lang": "es", "value": "El complemento Uncanny Groups for LearnDash para WordPress es vulnerable a la escalada de privilegios en todas las versiones hasta la 6.1.0.1 incluida. Esto se debe a que el complemento no restringe adecuadamente los usuarios que un l\u00edder de grupo puede editar. Esto hace posible que los atacantes autenticados, con acceso de nivel de l\u00edder de grupo y superior, cambien las direcciones de correo electr\u00f3nico de las cuentas de administrador, lo que posteriormente puede dar lugar al acceso a las cuentas de administrador."}], "lastModified": "2024-10-02T16:50:09.673", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:uncannyowl:uncanny_groups_for_learndash:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "A6B478AF-801A-43B4-AF80-EA80339FE5C8", "versionEndExcluding": "6.1.1"}], "operator": "OR"}]}], "sourceIdentifier": "security@wordfence.com"}