CVE-2024-12857

The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.1.8. This is due to the plugin not properly verifying a user's identity prior to logging them in as that user. This makes it possible for unauthenticated attackers to authenticate as any user as long as they have configured OTP login by phone number.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://themeforest.net/item/adforest-classified-wordpress-theme/19481695	Product
https://www.wordfence.com/threat-intel/vulnerabilities/id/4ff3b4f1-dd36-43d0-b472-55a940907437?source=cve	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:scriptsbundle:adforest:*:*:*:*:*:wordpress:*:*

History

No history.

Information

Published : 2025-01-22 07:15

Updated : 2025-01-24 19:18

NVD link : CVE-2024-12857

Mitre link : CVE-2024-12857

CVE.ORG link : CVE-2024-12857

JSON object : View

Products Affected

scriptsbundle

adforest

CWE

CWE-288

Authentication Bypass Using an Alternate Path or Channel

CWE-306

Missing Authentication for Critical Function

{"id": "CVE-2024-12857", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security@wordfence.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2025-01-22T07:15:16.237", "references": [{"url": "https://themeforest.net/item/adforest-classified-wordpress-theme/19481695", "tags": ["Product"], "source": "security@wordfence.com"}, {"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4ff3b4f1-dd36-43d0-b472-55a940907437?source=cve", "tags": ["Third Party Advisory"], "source": "security@wordfence.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security@wordfence.com", "description": [{"lang": "en", "value": "CWE-288"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-306"}]}], "descriptions": [{"lang": "en", "value": "The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.1.8. This is due to the plugin not properly verifying a user's identity prior to logging them in as that user. This makes it possible for unauthenticated attackers to authenticate as any user as long as they have configured OTP login by phone number."}, {"lang": "es", "value": "El tema AdForest para WordPress es vulnerable a la omisi\u00f3n de autenticaci\u00f3n en todas las versiones hasta la 5.1.8 y incluida. Esto se debe a que el complemento no verifica correctamente la identidad de un usuario antes de iniciar sesi\u00f3n como ese usuario. Esto hace posible que atacantes no autenticados se autentiquen como cualquier usuario siempre que haya configurado el inicio de sesi\u00f3n OTP por n\u00famero de tel\u00e9fono."}], "lastModified": "2025-01-24T19:18:01.417", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:scriptsbundle:adforest:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "84F07AB5-D52E-4214-BB56-E64AEDF3E2DB", "versionEndExcluding": "5.1.9"}], "operator": "OR"}]}], "sourceIdentifier": "security@wordfence.com"}