Vulnerability Details CVE-2024-10800
The WordPress User Extra Fields plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the ajax_save_fields() function in all versions up to, and including, 16.6. This makes it possible for authenticated attackers, with subscriber-level access and above, to add custom fields that can be updated and then use the check_and_overwrite_wp_or_woocommerce_fields function to update the wp_capabilities field to have administrator privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.2%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2024-10800
-
cpe:2.3:a:vanquish:user_extra_fields:-
-
cpe:2.3:a:vanquish:user_extra_fields:13.7
-
cpe:2.3:a:vanquish:user_extra_fields:13.8
-
cpe:2.3:a:vanquish:user_extra_fields:13.9
-
cpe:2.3:a:vanquish:user_extra_fields:14.0
-
cpe:2.3:a:vanquish:user_extra_fields:14.1
-
cpe:2.3:a:vanquish:user_extra_fields:14.2
-
cpe:2.3:a:vanquish:user_extra_fields:14.3
-
cpe:2.3:a:vanquish:user_extra_fields:14.4
-
cpe:2.3:a:vanquish:user_extra_fields:14.5
-
cpe:2.3:a:vanquish:user_extra_fields:14.6
-
cpe:2.3:a:vanquish:user_extra_fields:14.7
-
cpe:2.3:a:vanquish:user_extra_fields:14.8
-
cpe:2.3:a:vanquish:user_extra_fields:14.9
-
cpe:2.3:a:vanquish:user_extra_fields:15.0
-
cpe:2.3:a:vanquish:user_extra_fields:15.1
-
cpe:2.3:a:vanquish:user_extra_fields:15.2
-
cpe:2.3:a:vanquish:user_extra_fields:15.3
-
cpe:2.3:a:vanquish:user_extra_fields:15.4
-
cpe:2.3:a:vanquish:user_extra_fields:15.5
-
cpe:2.3:a:vanquish:user_extra_fields:15.6
-
cpe:2.3:a:vanquish:user_extra_fields:15.7
-
cpe:2.3:a:vanquish:user_extra_fields:15.8
-
cpe:2.3:a:vanquish:user_extra_fields:15.9
-
cpe:2.3:a:vanquish:user_extra_fields:16.0
-
cpe:2.3:a:vanquish:user_extra_fields:16.1
-
cpe:2.3:a:vanquish:user_extra_fields:16.2
-
cpe:2.3:a:vanquish:user_extra_fields:16.3
-
cpe:2.3:a:vanquish:user_extra_fields:16.4
-
cpe:2.3:a:vanquish:user_extra_fields:16.5
-
cpe:2.3:a:vanquish:user_extra_fields:16.6