CVE-2020-36724
Published 2023-06-07
Priority: P266 | Severity: critical | CVSS 3.1: 9.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.54% (71.8th percentile)
The Wordable plugin for WordPress is vulnerable to authentication bypass in versions up to and including 3.1.1. This is due to the use of a user-supplied hashing algorithm passed to the hash_hmac() function and the use of a loose comparison on the hash, which allows an attacker to trick the function into thinking it has a valid hash. This makes it possible for unauthenticated attackers to gain administrator privileges.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wordable | wordable | <= 3.1.1 | — |
| wordable | wordable_export_google_docs_to_wordpress | < 3.1.2 | 3.1.2 |
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References:
https://blog.nintechnet.com/wordpress-plugins-and-themes-vulnerabilities-roundup/
https://plugins.trac.wordpress.org/changeset/2234193/wordable/trunk/wordable.php
https://www.wordfence.com/threat-intel/vulnerabilities/id/be1ab218-37bd-407a-8cb9-66f761849c21?source=cve