WP Recipe Maker Missing Capability Check Vulnerability Allowing Unauthorized Data Access
Vulnerability
A vulnerability exists in the WP Recipe Maker plugin for WordPress, in versions through 10.2.3, due to a lack of proper capability checks in the 'ajax_search_recipes' and 'ajax_get_recipe' functions. This flaw enables authenticated attackers with Subscriber-level access and above to access sensitive recipe data, including draft, pending, and private recipes, which they should not be able to view.
Impact
Exploitation of this vulnerability could lead to unauthorized access to sensitive recipe information, including draft, pending, and private recipes.
Reproduction
To reproduce this vulnerability, an authenticated user with Subscriber-level access can send a request to the 'ajax_get_recipe' or 'ajax_search_recipes' endpoints without the necessary permissions. The absence of a proper capability check allows them to retrieve private recipe data that should be inaccessible at their user level.
Remediation
Users are advised to update the WP Recipe Maker plugin to version 10.3.0 or later.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.