vendor:
WP Marketplace
by:
Claudio Viviani
9
CVSS
HIGH
Remote Command Execution
78
CWE
Product Name: WP Marketplace
Affected Version From: 2.4.2000
Affected Version To: 2.4.2000
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: BackBox 3.x
2015
WP Marketplace 2.4.0 Remote Command Execution
A vulnerability exists in the WP Marketplace 2.4.0 plugin, which allows an attacker to execute arbitrary commands on the vulnerable system. This is due to the fact that the wpmp_pp_ajax_call() action can be called from any post/page, which allows an attacker to call the wp_insert_user() function with malicious parameters. This can be exploited to add a new administrator user to the vulnerable system.
Mitigation:
Upgrade to the latest version of WP Marketplace plugin.