CallbackKiller Service Widget Missing Authorization Vulnerability in WordPress

Vulnerability

A missing-authorization vulnerability exists in the CallbackKiller service widget plugin for WordPress, affecting all versions up to and including 1.2. The 'cbk_save()' function performs no capability check before it writes the plugin's site ID setting, and the handler is reachable through the 'cbk_save_v1' AJAX action, so an unauthenticated visitor can overwrite the site ID with an arbitrary value.
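The following is an added illustration, not the plugin's own source: a reconstruction of the pattern the advisory describes (an AJAX handler that saves a setting with no authorization check) beside a hardened version that requires an administrator capability and a nonce. The option name 'cbk_siteid', the nonce name, and the accepted site ID format are assumptions for the example; the code is meant to run inside WordPress as plugin code.

```php
<?php
/*
 * Added example, not the CallbackKiller plugin's actual code.
 * Assumptions: option name 'cbk_siteid', nonce action/field names,
 * and the site ID character set. Runs only inside WordPress.
 */

/*
 * BEFORE (assumed reconstruction of the flaw): the handler trusts whoever
 * reaches it. If it is hooked on both wp_ajax_ and wp_ajax_nopriv_, a
 * logged-out visitor can POST action=cbk_save_v1&siteid=... to
 * /wp-admin/admin-ajax.php and the value is stored.
 */
function cbk_save_vulnerable() {
    $siteid = isset( $_POST['siteid'] ) ? sanitize_text_field( wp_unslash( $_POST['siteid'] ) ) : '';
    update_option( 'cbk_siteid', $siteid ); // no capability check, no nonce
    wp_send_json_success( array( 'siteid' => $siteid ) );
}
// Registration that makes the flaw reachable without authentication (do not do this):
// add_action( 'wp_ajax_cbk_save_v1', 'cbk_save_vulnerable' );
// add_action( 'wp_ajax_nopriv_cbk_save_v1', 'cbk_save_vulnerable' );

/*
 * AFTER: only an authenticated user who may manage options and who holds
 * the nonce issued to the settings page can change the site ID. The
 * nopriv hook is deliberately not registered, so core rejects logged-out
 * callers before this function ever runs.
 */
function cbk_save_hardened() {
    // Authorization: the caller must be allowed to change site settings.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    // CSRF protection: the request must carry the nonce from the settings page.
    // check_ajax_referer() terminates the request itself on failure.
    check_ajax_referer( 'cbk_save_v1', 'nonce' );

    $siteid = isset( $_POST['siteid'] ) ? sanitize_text_field( wp_unslash( $_POST['siteid'] ) ) : '';

    // Input validation: accept only the shape a site ID is expected to have
    // (assumed format) so a bogus value cannot be persisted.
    if ( ! preg_match( '/^[A-Za-z0-9_-]{1,64}$/', $siteid ) ) {
        wp_send_json_error( 'invalid siteid', 400 );
    }

    update_option( 'cbk_siteid', $siteid );
    wp_send_json_success( array( 'siteid' => $siteid ) );
}
add_action( 'wp_ajax_cbk_save_v1', 'cbk_save_hardened' );

/*
 * Emit the nonce on the settings page; the page's JavaScript sends it as the
 * 'nonce' POST field together with action=cbk_save_v1 and siteid.
 */
function cbk_settings_nonce_field() {
    wp_nonce_field( 'cbk_save_v1', 'nonce' );
}
```

With the hardened registration, an unauthenticated POST of action=cbk_save_v1 to admin-ajax.php is refused by WordPress core (no nopriv handler exists), a logged-in user without manage_options receives the 403 error, and a request from an administrator that lacks the nonce is stopped by check_ajax_referer(); only a request that passes all three checks reaches update_option().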

Impact

An unauthenticated attacker can overwrite the plugin's site ID setting with an arbitrary value. Because the value is persisted as a plugin option, the change survives until an administrator restores it, and in the meantime it can break the widget or disrupt its integration with the CallbackKiller service.

Reproduction

To reproduce this vulnerability, send an unauthenticated POST request to the site's admin-ajax.php endpoint with the 'action' parameter set to 'cbk_save_v1' (the request that WordPress routes to the 'wp_ajax_cbk_save_v1' handler) and a 'siteid' parameter carrying the new value. On an affected installation the site ID setting is updated to the supplied value without any login or nonce.

Remediation

No patch is known at the time of writing. Users are advised to review the vulnerability details and consider uninstalling the affected plugin. If the plugin must remain installed, block requests to admin-ajax.php whose 'action' parameter is 'cbk_save_v1' at the web server or WAF until a fixed release is available, and verify that the configured site ID has not already been altered.

Added: Feb 14, 2026, 8:55 AM
Updated: Feb 14, 2026, 8:55 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 8.4
remediation: 0.0
relevance: 3.0
threat: 4.8
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.