CVE-2023-2173 Information

Sep 01, 2023 cve

Description

The BadgeOS plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to and including 3.7.1.6. This is due to improper validation and authorization checks within the badgeos_delete_step_ajax_handler badgeos_delete_award_step_ajax_handler badgeos_delete_deduct_step_ajax_handler and badgeos_delete_rank_req_step_ajax_handler functions. This makes it possible for authenticated attackers with subscriber-level permissions and above to delete arbitrary posts.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Reference

https://plugins.trac.wordpress.org/browser/badgeos/trunk/includes/steps-ui.php#L371 https://www.wordfence.com/threat-intel/vulnerabilities/id/ebb9e37c-9e8b-429b-b4ef-cd875351852c?source=cve https://plugins.trac.wordpress.org/browser/badgeos/trunk/includes/points/deduct-steps-ui.php#L441 https://plugins.trac.wordpress.org/browser/badgeos/trunk/includes/points/award-steps-ui.php#L384 https://plugins.trac.wordpress.org/browser/badgeos/trunk/includes/ranks/rank-steps-ui.php#L375

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

HIGH

Base Score

NONE

Base Severity

6.5

Share on: