CVE-2024-10924

CVSS V2 None CVSS V3 None

Description

The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to authentication bypass in versions 9.0.0 to 9.1.1.1. This is due to improper user check error handling in the two-factor REST API actions with the 'check_login_and_get_user' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, when the "Two-Factor Authentication" setting is enabled (disabled by default).

Overview

CVE ID
CVE-2024-10924

Assigner
Wordfence

Vulnerability Status
PUBLISHED

Published Version
2024-11-15T03:18:45.746Z

Last Modified Date
2024-11-15T03:18:45.746Z

Weakness Enumerations

CWE	URL
CWE-288	http://cwe.mitre.org/data/definitions/288.html

References

Reference URL	Reference Tags
https://www.wordfence.com/threat-intel/vulnerabilities/id/7d5d05ad-1a7a-43d2-bbbf-597e975446be?source=cve
https://plugins.trac.wordpress.org/browser/really-simple-ssl/tags/9.1.1.1/security/wordpress/two-fa/class-rsssl-two-factor-on-board-api.php#L67
https://plugins.trac.wordpress.org/browser/really-simple-ssl/tags/9.1.1.1/security/wordpress/two-fa/class-rsssl-two-factor-on-board-api.php#L277
https://plugins.trac.wordpress.org/browser/really-simple-ssl/tags/9.1.1.1/security/wordpress/two-fa/class-rsssl-two-factor-on-board-api.php#L278
https://plugins.trac.wordpress.org/changeset/3188431/really-simple-ssl

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2024-10924
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10924

History

Created	Old Value	New Value	Data Type	Notes
2024-11-15 13:17:47				Added to TrackCVE