CVE-2024-34826-921d40f245ce385aa3c87830a52e072e.yaml
id: CVE-2024-34826-921d40f245ce385aa3c87830a52e072e
info:
  name: >
    Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler <= 1.6.4 - Missing Authorization via Several AJAX Action
  author: topscoder
  severity: low
  description: >
    The Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several functions in versions up to, and including, 1.6.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform several unauthorized actions.
  reference:
    - https://github.com/topscoder/nuclei-wordfence-cve
    - https://www.wordfence.com/threat-intel/vulnerabilities/id/a39679a6-21f1-41e2-aaf8-23f03b79ef33?source=api-prod
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
    cvss-score: 5.4
    cve-id: CVE-2024-34826
  metadata:
    fofa-query: "wp-content/plugins/cf7-styler/"
    google-query: inurl:"/wp-content/plugins/cf7-styler/"
    shodan-query: 'vuln:CVE-2024-34826'
  tags: cve,wordpress,wp-plugin,cf7-styler,low
http:
  - method: GET
    redirects: true
    max-redirects: 3
    path:
      - "{{BaseURL}}/wp-content/plugins/cf7-styler/readme.txt"
    extractors:
      - type: regex
        name: version
        part: body
        group: 1
        internal: true
        regex:
          - "(?mi)Stable tag: ([0-9.]+)"
      - type: regex
        name: version
        part: body
        group: 1
        regex:
          - "(?mi)Stable tag: ([0-9.]+)"
    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200
      - type: word
        words:
          - "cf7-styler"
        part: body
      - type: dsl
        dsl:
          - compare_versions(version, '<= 1.6.4')