A vulnerability has been found in WPML Plugin up to 3.1.8 and classified as critical. This vulnerability affects the function sync of the file sitepress-multilingual-cms/menu/menus-sync.php. The manipulation with an unknown input leads to a access control vulnerability. The CWE definition for the vulnerability is CWE-264. As an impact it is known to affect integrity, and availability. CVE summarizes:

The "menu sync" function in the WPML plugin before 3.1.9 for WordPress allows remote attackers to delete arbitrary posts, pages, and menus via a crafted request to sitepress-multilingual-cms/menu/menus-sync.php.

The weakness was presented 03/30/2015 (Website). The advisory is available at wpml.org. This vulnerability was named CVE-2015-2791 since 03/30/2015. The exploitation appears to be easy. The attack can be initiated remotely. No form of authentication is required for a successful exploitation. Technical details and also a public exploit are known. This vulnerability is assigned to T1068 by the MITRE ATT&CK project.

It is possible to download the exploit at exploit-db.com. It is declared as proof-of-concept. By approaching the search of inurl:sitepress-multilingual-cms/menu/menus-sync.php it is possible to find vulnerable targets with Google Hacking.

Upgrading to version 3.1.9 eliminates this vulnerability.

The vulnerability is also documented in the vulnerability database at Exploit-DB (36414). See VDB-74579 for similar entry.

Productinfo

Name

• WPML Plugin

Version

• 3.1.0
• 3.1.1
• 3.1.2
• 3.1.3
• 3.1.4
• 3.1.5
• 3.1.6
• 3.1.7
• 3.1.8

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion