Description

The InfiniteWP Client plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.11.1 via the 'admin_notice' function. This can allow authenticated attackers with subscriber-level permissions or above to extract sensitive data including configuration. It can only be exploited if the plugin has not been configured yet. If combined with another arbitrary plugin installation and activation vulnerability, it may be possible to connect a site to InfiniteWP which would make remote management possible and allow for elevation of privileges.

Related CPE's

a

revmakx

infinitewp_client

*

*

*

*

*

wordpress

Vulnerable

References

https://plugins.trac.wordpress.org/browser/iwp-client/tags/1.11.1/core.class.php#L365

Exploit

https://plugins.trac.wordpress.org/changeset/2925897/iwp-client#file4

Patch

https://www.wordfence.com/threat-intel/vulnerabilities/id/aa157c80-447f-4406-9e49-9cc6208b7b19?source=cve

ExploitThird Party Advisory

Weaknesses

[email protected]

Primary
CWE-668

CVSS impact metrics

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

5.3 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-08-15T09:15:09.713

11 months ago

Last modified

2023-11-07T04:13:32.660

8 months ago