The Gutenberg Template Library & Redux Framework plugin <= 4.2.11 for WordPress used an incorrect authorization check in the REST API endpoints registered under the “redux/v1/templates/” REST Route in “redux-templates/classes/class-api.php”. The permissions_callback
used in this file only checked for the edit_posts
capability which is granted to lower-privileged users such as contributors, allowing such users to install arbitrary plugins from the WordPress repository and edit arbitrary posts.
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Gutenberg_template_library_&_redux_framework | Redux | * | 4.2.11 (including) |
Assuming a user with a given identity, authorization is the process of determining whether that user can access a given resource, based on the user’s privileges and any permissions or other access-control specifications that apply to the resource. When access control checks are incorrectly applied, users are able to access data or perform actions that they should not be allowed to perform. This can lead to a wide range of problems, including information exposures, denial of service, and arbitrary code execution.