CVE-2024-9305

HIGH

Apppresser < 4.4.5 - Password Reset Weakness

Title source: rule

Description

The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.4.4. This is due to the appp_reset_password() and validate_reset_password() functions not having enough controls to prevent a successful brute force attack of the OTP to change a password, or verify that a password reset request came from an authorized user. This makes it possible for unauthenticated attackers to generate and brute force an OTP that makes it possible to change any users passwords, including an administrator.

References (4)

[Product] https://plugins.trac.wordpress.org/browser/apppresser/tags/4.4.4/inc/AppPresser_Ajax_Extras.php#L31

[Product] https://plugins.trac.wordpress.org/browser/apppresser/tags/4.4.4/inc/AppPresser_WPAPI_Mods.php#L92

[Patch] https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3168744%40apppresser&new=3168744%40apppresser&sfp_email=&sfph_mail=

[Third Party Advisory] https://www.wordfence.com/threat-intel/vulnerabilities/id/45647fa6-a98d-4eb4-a287-f523e434688b?source=cve

Scores

CVSS v3 8.1

EPSS 0.0049

EPSS Percentile 65.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-640

Status published

Products (2)

apppresser/apppresser < 4.4.5

scottopolis/AppPresser – Mobile App Framework < 4.4.4

Published Oct 16, 2024

Tracked Since Feb 18, 2026