CVE-2024-8520

Cross-Site Request Forgery (CSRF) (CWE-352)

Published: Oct 4, 2024 / Updated: 47d ago

CVSS 4.3 / EPSS 0.08% / Medium

Summary

The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.6. This vulnerability is due to missing or incorrect nonce validation on the admin_init or user_action_hook function. It allows unauthenticated attackers to modify a user's membership status via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link.

Impact

This vulnerability could allow attackers to manipulate user membership statuses without proper authorization. If exploited, it could lead to unauthorized elevation or demotion of user privileges within the WordPress site. This could potentially disrupt site operations, allow unauthorized access to restricted content, or cause confusion among users and administrators. The integrity of the user management system could be compromised, potentially affecting the overall security and functionality of the WordPress site.

Exploitation

There is no evidence that a public proof-of-concept exists, and there is no evidence of exploitation in the wild at the moment.

Patch

A patch is available. The vulnerability has been addressed in version 2.8.7 of the Ultimate Member plugin. Updates have been made to the plugin's codebase, which can be seen in the WordPress plugin repository and on GitHub.

Mitigation

1. Update the Ultimate Member plugin to version 2.8.7 or later as soon as possible.
2. Implement proper CSRF protection mechanisms, including the use of nonces for all state-changing operations.
3. Educate site administrators about the risks of clicking on unknown links, especially when logged into the WordPress admin panel.
4. Consider implementing additional security measures such as two-factor authentication for administrative accounts.
5. Regularly audit and monitor user privilege changes to detect any unauthorized modifications.
6. Keep all WordPress core files, themes, and other plugins up to date to maintain overall site security.
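The second mitigation above, nonce validation on state-changing admin actions, is what the advisory says was missing. The following is an added example written for this page; it is not Ultimate Member's code and does not reproduce the plugin's fix. It shows a generic WordPress `admin_init` handler that changes a user's membership status, first in the pattern that is vulnerable to CSRF and then hardened with WordPress's own `check_admin_referer()` and `current_user_can()` calls. The `example_` prefix, the `example_set_status` action, the `example_status_nonce` field and the `example_status` meta key are all hypothetical names chosen for the illustration.

```php
<?php
/**
 * Added example (not Ultimate Member's code): a WordPress admin_init handler
 * that changes a user's membership status, shown without a nonce check and
 * then with the nonce and capability checks that defeat CSRF.
 * Hypothetical names: the example_ prefix, the "example_set_status" action,
 * the "example_status_nonce" query field and the "example_status" meta key.
 */

// VULNERABLE PATTERN (not hooked, shown for contrast): the request is trusted
// only because an administrator's session cookie is attached to it. A forged
// link opened by that administrator produces an identical request, so the
// status change happens without their intent.
function example_vulnerable_handler() {
    if ( empty( $_GET['action'] ) || 'example_set_status' !== $_GET['action'] ) {
        return;
    }
    $user_id = absint( $_GET['user_id'] ?? 0 );
    $status  = sanitize_key( $_GET['status'] ?? '' );
    update_user_meta( $user_id, 'example_status', $status ); // no nonce, no capability check
}

// HARDENED PATTERN: every state-changing request carries a nonce bound to the
// action, the target user id and the administrator's session, and the handler
// verifies it before touching any data. A third-party page cannot obtain that
// nonce, so a forged request fails the check and is rejected by wp_die().
function example_hardened_handler() {
    if ( empty( $_GET['action'] ) || 'example_set_status' !== $_GET['action'] ) {
        return;
    }
    $user_id = absint( $_GET['user_id'] ?? 0 );
    $status  = sanitize_key( $_GET['status'] ?? '' );

    // Authorization: only users allowed to edit this account may proceed.
    if ( ! current_user_can( 'edit_user', $user_id ) ) {
        wp_die( esc_html__( 'Insufficient permissions.', 'example' ), 403 );
    }

    // CSRF check: the action string includes the user id so a nonce issued for
    // one user cannot be replayed against another. check_admin_referer() calls
    // wp_die() itself when the nonce is missing or invalid.
    check_admin_referer( 'example_set_status_' . $user_id, 'example_status_nonce' );

    // Accept only a known set of values instead of storing arbitrary input.
    $allowed = array( 'approved', 'pending', 'rejected' );
    if ( ! in_array( $status, $allowed, true ) ) {
        wp_die( esc_html__( 'Invalid status.', 'example' ), 400 );
    }

    update_user_meta( $user_id, 'example_status', $status );
    wp_safe_redirect( add_query_arg( 'example_updated', '1', admin_url( 'users.php' ) ) );
    exit;
}
add_action( 'admin_init', 'example_hardened_handler' );

// The link the admin UI should render: wp_nonce_url() appends the nonce field
// that example_hardened_handler() verifies.
function example_status_link( $user_id, $status ) {
    $url = add_query_arg(
        array(
            'action'  => 'example_set_status',
            'user_id' => (int) $user_id,
            'status'  => $status,
        ),
        admin_url( 'users.php' )
    );
    return wp_nonce_url( $url, 'example_set_status_' . $user_id, 'example_status_nonce' );
}
```

The order of the checks matters: the capability check runs first so that an unprivileged user never reaches the nonce verification, and the nonce check runs before any write so that a valid session alone is not enough to change state. This is the same separation the advisory's description implies: authentication (the admin is logged in) is not authorization of the specific request.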

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Timeline

First Article

Feedly found the first article mentioning CVE-2024-8520.

Oct 4, 2024 at 4:32 AM / CVE
CVSS Estimate

Feedly estimated the CVSS score as MEDIUM

Oct 4, 2024 at 4:36 AM
CVE Assignment

NVD published the first details for CVE-2024-8520

Oct 4, 2024 at 5:15 AM
CVSS

A CVSS base score of 5.3 has been assigned.

Oct 4, 2024 at 5:20 AM / nvd
CVSS Estimate

Feedly estimated the CVSS score as LOW

Oct 4, 2024 at 5:36 AM
EPSS

EPSS Score was set to: 0.08% (Percentile: 36.5%)

Oct 4, 2024 at 9:41 AM
CVSS

A CVSS base score of 4.3 has been assigned.

Oct 8, 2024 at 9:55 PM / nvd

Affected Systems

Ultimatemember/ultimate_member

Patches

github.com

Attack Patterns

CAPEC-111: JSON Hijacking (aka JavaScript Hijacking)

News

cveNotify: 🚨 CVE-2024-8520 The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.6. This is due to missing or incorrect nonce validation on the admin_init or user_action_hook function. This makes it possible for unauthenticated attackers to modify a user's membership status via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. @cveNotify
CVE Alert: CVE-2024-8520 - https://www.redpacketsecurity.com/cve_alert_cve-2024-8520/ #OSINT #ThreatIntel #CyberSecurity #cve_2024_8520
- MEDIUM - CVE-2024-8520 The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.6. This is due to missing or incorrect nonce validation on the admin_init or user_action_hook function. This makes it possible for unauthenticated attackers to modify a users membership status via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Medium - CVE-2024-8520 - The Ultimate Member – User Profile,...
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction &Membership Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions...
CVE-2024-8520
Medium Severity Description The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.6. This is due to missing or incorrect nonce validation on the admin_init or user_action_hook function. This makes it possible for unauthenticated attackers to modify a users membership status via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Read more at https://www.tenable.com/cve/CVE-2024-8520

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: None
Integrity: Low
Availability Impact: None
