CVE-2024-13375
Published: 18 January 2025
Description
The Adifier System plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.1.7. This is due to the plugin not properly validating a user's identity prior to updating their details like password through the adifier_recover() function. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account.
Security Summary
CVE-2024-13375 is a privilege escalation vulnerability affecting the Adifier System plugin for WordPress in all versions up to and including 3.1.7. The issue stems from the plugin's adifier_recover() function failing to properly validate a user's identity before allowing updates to account details, such as passwords. This flaw enables account takeover by permitting unauthorized changes to user credentials.
Unauthenticated attackers can exploit this vulnerability remotely with low complexity and no privileges required, as indicated by its CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). By targeting the recovery function, attackers can reset passwords for arbitrary users, including administrators, thereby gaining full access to those accounts and potentially compromising the entire WordPress site.
Advisories are available from sources including Wordfence threat intelligence and the Adifier theme page on ThemeForest, which provide further details on the vulnerability. No specific patch or mitigation steps are detailed in the core CVE information.
Details
- CWE(s)