WordPress Portfolio Builder - Portfolio Gallery Missing Authorization Vulnerability in Video Addition Function
Vulnerability
A vulnerability exists in the WordPress Portfolio Builder - Portfolio Gallery plugin, specifically in versions through 1.1.7. The issue arises from a lack of proper capability checks in the 'add_video' function, allowing unauthenticated users to add arbitrary videos to any portfolio gallery. This unauthorized data modification could be exploited by attackers to manipulate portfolio content without authentication.
Impact
Exploitation of this vulnerability allows for unauthorized users to add videos to portfolio galleries, potentially leading to misuse of the gallery feature or disruption of the intended content presentation.
Reproduction
To reproduce this vulnerability, an unauthenticated user can send a request to the 'add_video' function without the necessary authorization. This can be done by including a 'video' parameter with the desired video URL in the request. The absence of a capability check allows the request to be processed, adding the video to the specified portfolio gallery.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.