CVE-2024-6754
Published 2024-07-24
Priority: P4 · Severity: medium · CVSS 3.1 base score: 4.3
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
EPSS: 0.26% (17.7th percentile)
The Social Auto Poster plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ‘wpw_auto_poster_update_tweet_template’ function in all versions up to, and including, 5.3.14. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary post metadata.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wpweb | social_auto_poster | <= 5.3.14 | — |
| wpwebinfotech | social_auto_poster | < 5.3.15 | 5.3.15 |
GHSA
GHSA-gm9c-2h9v-jgp5 (ghsa_unreviewed · 2024-07-24): CVE-2024-6754 [MEDIUM] CWE-862
The Social Auto Poster plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ‘wpw_auto_poster_update_tweet_template’ function in all versions up to, and including, 5.3.14. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary post metadata.
GHSA
GHSA-7vg8-pfw4-vmjp (ghsa_unreviewed · 2024-07-24 · CVSS 5.4): CVE-2024-6756 [MEDIUM] CWE-434
The Social Auto Poster plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpw_auto_poster_get_image_path' function in all versions up to, and including, 5.3.14. This makes it possible for authenticated attackers, with Contributor-level and above permissions, to upload arbitrary files on the affected site's server, which may make remote code execution possible. An attacker can chain CVE-2024-6754 to exploit this with Subscriber-level access.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2024-45492 [CRITICAL] libexpat: integer overflow (bugzilla · 2024-08-30 · CVSS 9.8)
An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).
Discussion:
This issue has been addressed in the following products:
- Red Hat Enterprise Linux 9, via RHSA-2024:6754 https://access.redhat.com/errata/RHSA-2024:6754
- Red Hat Enterprise Linux 8, via RHSA-2024:6989 https://access.redhat.com/errata/RHSA-2024:6989
- Red Hat OpenShift Container Platform 4.16, via RHSA-2024:7599 https://access.redhat.com/errata/RHSA-2024:7599
- Red Hat OpenS
Bugzilla
CVE-2024-45491 [CRITICAL] libexpat: Integer Overflow or Wraparound (bugzilla · 2024-08-30 · CVSS 9.8)
An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).
Discussion:
https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes
This issue has been addressed in the following products:
- Red Hat Enterprise Linux 9, via RHSA-2024:6754 https://access.redhat.com/errata/RHSA-2024:6754
- Red Hat Enterprise Linux 8, via RHSA-2024:6989 https://access.redhat.com/errata/RHSA-2024:6989
- Red Hat OpenShift Container Platform 4.16, via RHSA-2024:7599 https://access.redhat.com/errata/RHSA-2024:7599
Bugzilla
CVE-2024-45490 [HIGH] libexpat: Negative Length Parsing Vulnerability in libexpat (bugzilla · 2024-08-30 · CVSS 7.5)
An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.
Discussion:
https://github.com/libexpat/libexpat/blob/R_2_6_3/expat/Changes
This issue has been addressed in the following products:
- Red Hat Enterprise Linux 9, via RHSA-2024:6754 https://access.redhat.com/errata/RHSA-2024:6754
- Red Hat Enterprise Linux 8, via RHSA-2024:6989 https://access.redhat.com/errata/RHSA-2024:6989
- Red Hat OpenShift Container Platform 4.16, via RHSA-2024:7599 https://access.redhat.com/errata/RHSA-2024:7599
This issue has been addressed in
References:
- https://codecanyon.net/item/social-auto-poster-wordpress-scheduler-marketing-plugin/5754169
- https://www.wordfence.com/threat-intel/vulnerabilities/id/72934d2f-fd52-46d1-8cf9-9a20968899f7?source=cve