A vulnerability was found in JupiterX Core 2.0.6 on WordPress (WordPress Plugin). It has been classified as critical. Affected is the function jupiterx_conditional_manager of the file includes/condition/class-condition-manager.php of the component Configuration Handler. The manipulation of the argument sub_action with an unknown input leads to a access control vulnerability. CWE is classifying the issue as CWE-284. The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. This is going to have an impact on confidentiality, integrity, and availability. CVE summarizes:

Vulnerable versions of the JupiterX Core (<= 2.0.6) plugin register an AJAX action jupiterx_conditional_manager which can be used to call any function in the includes/condition/class-condition-manager.php file by sending the desired function to call in the sub_action parameter. This can be used to view site configuration and logged-in users, modify post conditions, or perform a denial of service attack.

The weakness was presented 06/13/2022. The advisory is available at wordfence.com. This vulnerability is traded as CVE-2022-1659 since 05/10/2022. Technical details are known, but there is no available exploit. This vulnerability is assigned to T1068 by the MITRE ATT&CK project.

By approaching the search of inurl:includes/condition/class-condition-manager.php it is possible to find vulnerable targets with Google Hacking.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Productinfo

Type

• WordPress Plugin

Name

• JupiterX Core

Version

• 2.0.6

CPE 2.3info

• 🔍

CPE 2.2info

• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion