CVE-2024-11103Weak Password Recovery Mechanism for Forgotten Password in Contest Gallery

CWE-640Weak Password Recovery Mechanism for Forgotten Password3 documents3 sources
Severity
9.8CRITICALNVD
EPSS
0.1%
top 68.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Contest-gallery Contest Gallery
Timeline
PublishedNov 28

Description

The Contest Gallery plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 24.0.7. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

Patches

Patch: plugins.trac.wordpress.org

🔴Vulnerability Details

2
CVEList
Contest Gallery <= 24.0.7 - Unauthenticated Arbitrary Password Reset to Privilege Escalation/Account Takeover2024-11-28
GHSA
GHSA-2qxr-q4ff-f53j: The Contest Gallery plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 242024-11-28
CVE-2024-11103 — Contest Gallery vulnerability | cvebase