CVE-2024-9302

HIGH

Appcheap App Builder < 5.3.7 - Password Reset Weakness

Title source: rule
STIX 2.1

Description

The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.3.7. This is due to the verify_otp_forgot_password() and update_password() functions not having enough controls to prevent a successful brute force attack of the OTP to change a password, or verify that a password reset request came from an authorized user. This makes it possible for unauthenticated attackers to generate and brute force an OTP that makes it possible to change any users passwords, including an administrator.

References (4)

Scores

CVSS v3 8.1
EPSS 0.0072
EPSS Percentile 72.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-640
Status published
Products (2)
appcheap/App Builder – Create Native Android & iOS Apps On The Flight < 5.3.7
appcheap/app_builder < 5.3.7
Published Oct 25, 2024
Tracked Since Feb 18, 2026