Permissions, Privileges, and Access Controls in WordPress

1) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU42131

Risk: Low

CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2010-5297

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote #AU# to manipulate data.

WordPress before 3.0.1, when a Multisite installation is used, permanently retains the "site administrators can add users" option once changed, which might allow remote authenticated administrators to bypass intended access restrictions in opportunistic circumstances via an add action after a temporary change.

Mitigation

Install update from vendor's website.

Vulnerable software versions

WordPress: 2.0 - 2.9.2

CPE2.3

• cpe:2.3:a:wordpress_org:wordpress:2.0:*:*:*:*:*:*:*
• cpe:2.3:a:wordpress_org:wordpress:2.0.1:*:*:*:*:*:*:*
• cpe:2.3:a:wordpress_org:wordpress:2.0.2:*:*:*:*:*:*:*
• cpe:2.3:a:wordpress_org:wordpress:2.0.4:*:*:*:*:*:*:*
• cpe:2.3:a:wordpress_org:wordpress:2.0.5:*:*:*:*:*:*:*
• cpe:2.3:a:wordpress_org:wordpress:2.0.6:*:*:*:*:*:*:*
• cpe:2.3:a:wordpress_org:wordpress:2.0.7:*:*:*:*:*:*:*
• cpe:2.3:a:wordpress_org:wordpress:2.0.8:*:*:*:*:*:*:*
• cpe:2.3:a:wordpress_org:wordpress:2.0.9:*:*:*:*:*:*:*
• cpe:2.3:a:wordpress_org:wordpress:2.0.10:*:*:*:*:*:*:*

External links

https://codex.wordpress.org/Changelog/3.0.1
https://core.trac.wordpress.org/query?status=closed&group=resolution&order=priority&milestone=3.0.1&resolution=fixed
https://core.trac.wordpress.org/changeset/15342
https://core.trac.wordpress.org/ticket/14119

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.