CVE-2024-4427 - Vulnerability Details - OpenCVE

The Comparison Slider plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several AJAX actions in all versions up to, and including, 1.0.5. This makes it possible for authenticated attackers, with subscriber access or above, to change plugin settings and perform other actions such deleting sliders.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Comparisonslider	Comparison Slider

Configuration 1 [-]

cpe:2.3:a:comparisonslider:comparison_slider:*:*:*:*:*:wordpress:*:*

No data.

References

Link	Providers
https://wordpress.org/plugins/comparison-slider/
https://www.wordfence.com/threat-intel/vulnerabilities/id/ab68a08d-a6d4-4424-a7bf-219951f752fa?source=cve

History

Wed, 12 Feb 2025 16:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Comparisonslider Comparisonslider comparison Slider
Weaknesses		CWE-862
CPEs		cpe:2.3:a:comparisonslider:comparison_slider::::::wordpress::*
Vendors & Products		Comparisonslider Comparisonslider comparison Slider

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2024-05-30T08:30:13.535Z

Updated: 2024-08-01T20:40:47.137Z

Reserved: 2024-05-02T12:10:12.111Z

Link: CVE-2024-4427

Vulnrichment

Updated: 2024-08-01T20:40:47.137Z

NVD

Status : Analyzed

Published: 2024-05-30T09:15:10.453

Modified: 2025-02-12T16:28:31.400

Link: CVE-2024-4427

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-4427", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2024-05-02T12:10:12.111Z", "datePublished": "2024-05-30T08:30:13.535Z", "dateUpdated": "2024-08-01T20:40:47.137Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-05-30T08:30:13.535Z"}, "affected": [{"vendor": "comparisonslider", "product": "Comparison Slider", "versions": [{"version": "*", "status": "affected", "lessThanOrEqual": "1.0.5", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Comparison Slider plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several AJAX actions in all versions up to, and including, 1.0.5. This makes it possible for authenticated attackers, with subscriber access or above, to change plugin settings and perform other actions such deleting sliders."}], "title": "Comparison Slider <= 1.0.5 - Missing Authorization", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ab68a08d-a6d4-4424-a7bf-219951f752fa?source=cve"}, {"url": "https://wordpress.org/plugins/comparison-slider/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Benedictus Jovan"}], "timeline": [{"time": "2024-05-29T19:51:30.000+00:00", "lang": "en", "value": "Disclosed"}]}, "adp": [{"affected": [{"vendor": "pareslider-com", "product": "comparison_slider", "cpes": ["cpe:2.3:a:pareslider-com:comparison_slider:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.0.5", "versionType": "semver"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-04T19:29:41.274767Z", "id": "CVE-2024-4427", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "ADP Container", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T19:33:40.178Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:40:47.137Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ab68a08d-a6d4-4424-a7bf-219951f752fa?source=cve", "tags": ["x_transferred"]}, {"url": "https://wordpress.org/plugins/comparison-slider/", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ab68a08d-a6d4-4424-a7bf-219951f752fa?source=cve", "tags": ["x_transferred"]}, {"url": "https://wordpress.org/plugins/comparison-slider/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:40:47.137Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-4427", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-04T19:29:41.274767Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:pareslider-com:comparison_slider:*:*:*:*:*:*:*:*"], "vendor": "pareslider-com", "product": "comparison_slider", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.0.5"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T19:33:35.287Z"}}], "cna": {"title": "Comparison Slider <= 1.0.5 - Missing Authorization", "credits": [{"lang": "en", "type": "finder", "value": "Benedictus Jovan"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "comparisonslider", "product": "Comparison Slider", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "1.0.5"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2024-05-29T19:51:30.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ab68a08d-a6d4-4424-a7bf-219951f752fa?source=cve"}, {"url": "https://wordpress.org/plugins/comparison-slider/"}], "descriptions": [{"lang": "en", "value": "The Comparison Slider plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several AJAX actions in all versions up to, and including, 1.0.5. This makes it possible for authenticated attackers, with subscriber access or above, to change plugin settings and perform other actions such deleting sliders."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-05-30T08:30:13.535Z"}}}, "cveMetadata": {"cveId": "CVE-2024-4427", "state": "PUBLISHED", "dateUpdated": "2024-08-01T20:40:47.137Z", "dateReserved": "2024-05-02T12:10:12.111Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2024-05-30T08:30:13.535Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:comparisonslider:comparison_slider:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "0500397E-8876-4712-BF58-A58E5E041877", "versionEndIncluding": "1.0.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Comparison Slider plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several AJAX actions in all versions up to, and including, 1.0.5. This makes it possible for authenticated attackers, with subscriber access or above, to change plugin settings and perform other actions such deleting sliders."}, {"lang": "es", "value": "El complemento Comparison Slider para WordPress es vulnerable a modificaciones no autorizadas de datos debido a una falta de verificaci\u00f3n de capacidad en varias acciones AJAX en todas las versiones hasta la 1.0.5 incluida. Esto hace posible que atacantes autenticados, con acceso de suscriptor o superior, cambien la configuraci\u00f3n del complemento y realicen otras acciones, como eliminar controles deslizantes."}], "id": "CVE-2024-4427", "lastModified": "2025-02-12T16:28:31.400", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2024-05-30T09:15:10.453", "references": [{"source": "security@wordfence.com", "tags": ["Product"], "url": "https://wordpress.org/plugins/comparison-slider/"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ab68a08d-a6d4-4424-a7bf-219951f752fa?source=cve"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product"], "url": "https://wordpress.org/plugins/comparison-slider/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ab68a08d-a6d4-4424-a7bf-219951f752fa?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}]}