Search criteria
2 vulnerabilities found for FundEngine – Donation and Crowdfunding Platform by xpeedstudio
CVE-2024-6698 (GCVE-0-2024-6698)
Vulnerability from cvelistv5 – Published: 2024-08-01 03:29 – Updated: 2024-08-01 14:10
VLAI?
Title
FundEngine – Donation and Crowdfunding Platform <= 1.7.0 - Authenticated (Subscriber+) Privilege Escalation
Summary
The FundEngine plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.7.0. This is due to the plugin not properly verifying user meta updated through the update_user_meta function. This makes it possible for authenticated attackers, with subscriber-level access and above, to update their user meta which can be leveraged to update their capabilities to gain administrator access.
Severity ?
8.8 (High)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| xpeedstudio | FundEngine – Donation and Crowdfunding Platform |
Affected:
* , ≤ 1.7.0
(semver)
|
Credits
Thanh Nam Tran
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:wpmet:wp_fundraising_donation_and_crowdfunding_platform:*:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unknown",
"product": "wp_fundraising_donation_and_crowdfunding_platform",
"vendor": "wpmet",
"versions": [
{
"lessThanOrEqual": "1.7.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6698",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-01T14:07:25.485872Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T14:10:21.095Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FundEngine \u2013 Donation and Crowdfunding Platform",
"vendor": "xpeedstudio",
"versions": [
{
"lessThanOrEqual": "1.7.0",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanh Nam Tran"
}
],
"descriptions": [
{
"lang": "en",
"value": "The FundEngine plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.7.0. This is due to the plugin not properly verifying user meta updated through the update_user_meta function. This makes it possible for authenticated attackers, with subscriber-level access and above, to update their user meta which can be leveraged to update their capabilities to gain administrator access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T03:29:58.918Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2ec6cf42-291b-452d-ad14-80ae1cd5ec5c?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3128099%40wp-fundraising-donation%2Ftrunk\u0026old=3072093%40wp-fundraising-donation%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2024-07-31T15:16:32.000+00:00",
"value": "Disclosed"
}
],
"title": "FundEngine \u2013 Donation and Crowdfunding Platform \u003c= 1.7.0 - Authenticated (Subscriber+) Privilege Escalation"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-6698",
"datePublished": "2024-08-01T03:29:58.918Z",
"dateReserved": "2024-07-11T15:47:40.488Z",
"dateUpdated": "2024-08-01T14:10:21.095Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6698 (GCVE-0-2024-6698)
Vulnerability from nvd – Published: 2024-08-01 03:29 – Updated: 2024-08-01 14:10
VLAI?
Title
FundEngine – Donation and Crowdfunding Platform <= 1.7.0 - Authenticated (Subscriber+) Privilege Escalation
Summary
The FundEngine plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.7.0. This is due to the plugin not properly verifying user meta updated through the update_user_meta function. This makes it possible for authenticated attackers, with subscriber-level access and above, to update their user meta which can be leveraged to update their capabilities to gain administrator access.
Severity ?
8.8 (High)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| xpeedstudio | FundEngine – Donation and Crowdfunding Platform |
Affected:
* , ≤ 1.7.0
(semver)
|
Credits
Thanh Nam Tran
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:wpmet:wp_fundraising_donation_and_crowdfunding_platform:*:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unknown",
"product": "wp_fundraising_donation_and_crowdfunding_platform",
"vendor": "wpmet",
"versions": [
{
"lessThanOrEqual": "1.7.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6698",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-01T14:07:25.485872Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T14:10:21.095Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FundEngine \u2013 Donation and Crowdfunding Platform",
"vendor": "xpeedstudio",
"versions": [
{
"lessThanOrEqual": "1.7.0",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanh Nam Tran"
}
],
"descriptions": [
{
"lang": "en",
"value": "The FundEngine plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.7.0. This is due to the plugin not properly verifying user meta updated through the update_user_meta function. This makes it possible for authenticated attackers, with subscriber-level access and above, to update their user meta which can be leveraged to update their capabilities to gain administrator access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T03:29:58.918Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2ec6cf42-291b-452d-ad14-80ae1cd5ec5c?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3128099%40wp-fundraising-donation%2Ftrunk\u0026old=3072093%40wp-fundraising-donation%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2024-07-31T15:16:32.000+00:00",
"value": "Disclosed"
}
],
"title": "FundEngine \u2013 Donation and Crowdfunding Platform \u003c= 1.7.0 - Authenticated (Subscriber+) Privilege Escalation"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-6698",
"datePublished": "2024-08-01T03:29:58.918Z",
"dateReserved": "2024-07-11T15:47:40.488Z",
"dateUpdated": "2024-08-01T14:10:21.095Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}