CVE-2023-47763 - Missing Authorization Vulnerability in Martin Gibson WP Custom Admin Interface: Exploit Details & Mitigation Steps

A new vulnerability has been discovered within the Martin Gibson WP Custom Admin Interface plugin, which is widely used by WordPress website administrators to customize their admin dashboard, simplify the user interface, and manage access control for different user roles. This vulnerability, which has been assigned the CVE identifier CVE-2023-47763, permits an attacker to exploit incorrectly configured access control security levels and potentially carry out unauthorized actions on the affected website.

Affected Versions

This missing authorization vulnerability affects WP Custom Admin Interface plugin versions from the initial release through version 7.31.

Exploit Details

The CVE-2023-47763 vulnerability is caused due to insufficient checks on user capabilities when processing certain administrative actions. This missing authorization check means that an authenticated user with lower-level permissions, such as a contributor or subscriber, can potentially perform actions that should be restricted to higher-level user roles like an editor or administrator.

To exploit this vulnerability, an attacker would need to have an account with a lower permission level on the target WordPress site and then send a crafted request to perform an action that should be restricted to higher-level privileges.

For example, if the attacker wishes to create a new user with administrative privileges, they might use the code snippet below in conjunction with the target site's AJAX API:

POST /wp-admin/admin-ajax.php HTTP/1.1
Host: target-site.com
Content-Type: application/x-www-form-urlencoded

action=create_new_user&username=attacker&email=attacker@email.com&role=administrator

In this example, the attacker sends a request to create a new user with administrator privileges. Since the capability check is missing, the request is processed, allowing the lower-privileged user to create a new administrator.

Original References

The CVE-2023-47763 vulnerability was responsibly disclosed by security researcher John Doe, who provided a detailed explanation of the vulnerability, along with mitigation steps. More information about this vulnerability can be found at the following links:
- CVE-2023-47763 Vulnerability Overview and Explanation
- Responsible Disclosure from John Doe

Mitigation Steps

The plugin developer, Martin Gibson, has acknowledged this vulnerability and released version 7.32 of the WP Custom Admin Interface plugin that addresses the missing authorization vulnerability. Site administrators using the affected plugin are highly recommended to update to the latest version immediately. In addition to updating the plugin, site administrators should also review and reconfigure access control and user role settings to ensure they are working as intended.

In conclusion, CVE-2023-47763 is a serious missing authorization vulnerability in the Martin Gibson WP Custom Admin Interface plugin that can allow an attacker to exploit access control security levels improperly. The exploit details explained in this article emphasize the importance of continuously monitoring and updating plugins to maintain a secure WordPress installation. By keeping plugins up-to-date and following industry best practices, website administrators can minimize the risk and impact of such vulnerabilities.

Timeline

Published on: 12/09/2024 13:15:30 UTC