All the vulnerabilites related to scriptsbundle - AdForest
cve-2024-11350
Vulnerability from cvelistv5
Published
2025-01-08 08:18
Modified
2025-01-08 14:07
Severity ?
EPSS score ?
Summary
The AdForest theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.1.6. This is due to the plugin not properly validating a user's identity prior to updating their password through the adforest_reset_password() function. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | scriptsbundle | AdForest |
Version: * ≤ 5.1.6 |
|
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-11350", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-08T14:07:18.315870Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-08T14:07:34.745Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "AdForest", vendor: "scriptsbundle", versions: [ { lessThanOrEqual: "5.1.6", status: "affected", version: "*", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Tonn", }, ], descriptions: [ { lang: "en", value: "The AdForest theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.1.6. This is due to the plugin not properly validating a user's identity prior to updating their password through the adforest_reset_password() function. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account.", }, ], metrics: [ { cvssV3_1: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-640", description: "CWE-640 Weak Password Recovery Mechanism for Forgotten Password", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-08T08:18:16.723Z", orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", shortName: "Wordfence", }, references: [ { url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/4ebb766a-44e9-460c-be84-356b7403e593?source=cve", }, { url: "https://themeforest.net/item/adforest-classified-wordpress-theme/19481695", }, ], timeline: [ { lang: "en", time: "2024-12-20T00:00:00.000+00:00", value: "Disclosed", }, ], title: "AdForest <= 5.1.6 - Privilege Escalation via Password Reset/Account Takeover", }, }, cveMetadata: { assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", assignerShortName: "Wordfence", cveId: "CVE-2024-11350", datePublished: "2025-01-08T08:18:16.723Z", dateReserved: "2024-11-18T16:49:17.332Z", dateUpdated: "2025-01-08T14:07:34.745Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-12855
Vulnerability from cvelistv5
Published
2025-01-08 08:18
Modified
2025-01-08 14:04
Severity ?
EPSS score ?
Summary
The AdForest theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several AJAX actions like 'sb_remove_ad' in all versions up to, and including, 5.1.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete posts, attachments and deactivate a license.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | scriptsbundle | AdForest |
Version: * ≤ 5.1.7 |
|
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-12855", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-08T14:03:50.342300Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-08T14:04:04.386Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "AdForest", vendor: "scriptsbundle", versions: [ { lessThanOrEqual: "5.1.7", status: "affected", version: "*", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Lucio Sá", }, ], descriptions: [ { lang: "en", value: "The AdForest theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several AJAX actions like 'sb_remove_ad' in all versions up to, and including, 5.1.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete posts, attachments and deactivate a license.", }, ], metrics: [ { cvssV3_1: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-08T08:18:17.853Z", orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", shortName: "Wordfence", }, references: [ { url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/db7f5553-758b-47ab-8319-a549b73f4cfa?source=cve", }, { url: "https://themeforest.net/item/adforest-classified-wordpress-theme/19481695", }, ], timeline: [ { lang: "en", time: "2025-01-07T00:00:00.000+00:00", value: "Disclosed", }, ], title: "AdForest - Classified Ads WordPress Theme <= 5.1.7 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post/Attachment Deletion", }, }, cveMetadata: { assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", assignerShortName: "Wordfence", cveId: "CVE-2024-12855", datePublished: "2025-01-08T08:18:17.853Z", dateReserved: "2024-12-20T16:10:51.436Z", dateUpdated: "2025-01-08T14:04:04.386Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-11349
Vulnerability from cvelistv5
Published
2024-12-21 04:22
Modified
2024-12-28 00:51
Severity ?
EPSS score ?
Summary
The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.1.6. This is due to the plugin not properly verifying a user's identity prior to authenticating them through the sb_login_user_with_otp_fun() function. This makes it possible for unauthenticated attackers to log in as arbitrary users, including administrators.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | scriptsbundle | AdForest |
Version: * ≤ 5.1.6 |
|
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-11349", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-12-23T16:43:21.405263Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-28T00:51:22.860Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "AdForest", vendor: "scriptsbundle", versions: [ { lessThanOrEqual: "5.1.6", status: "affected", version: "*", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Tonn", }, ], descriptions: [ { lang: "en", value: "The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.1.6. This is due to the plugin not properly verifying a user's identity prior to authenticating them through the sb_login_user_with_otp_fun() function. This makes it possible for unauthenticated attackers to log in as arbitrary users, including administrators.", }, ], metrics: [ { cvssV3_1: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-288", description: "CWE-288 Authentication Bypass Using an Alternate Path or Channel", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-21T04:22:17.791Z", orgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", shortName: "Wordfence", }, references: [ { url: "https://www.wordfence.com/threat-intel/vulnerabilities/id/f374b3d1-820b-473f-8d2b-c3267e6d23d9?source=cve", }, { url: "https://themeforest.net/item/adforest-classified-wordpress-theme/19481695", }, ], timeline: [ { lang: "en", time: "2024-12-20T00:00:00.000+00:00", value: "Disclosed", }, ], title: "AdForest <= 5.1.6 - Authentication Bypass", }, }, cveMetadata: { assignerOrgId: "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", assignerShortName: "Wordfence", cveId: "CVE-2024-11349", datePublished: "2024-12-21T04:22:17.791Z", dateReserved: "2024-11-18T16:47:22.199Z", dateUpdated: "2024-12-28T00:51:22.860Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }