Unauthorised users can perform this attack by editing the plugin settings, selecting the role that is to be restricted, and then forcing the plugin to apply the new settings by logging out and back in to the WordPress admin, since the restriction is evaluated at login time.

The Restrict Login Roles plugin also has an unspecified issue in its settings handling that allows unauthenticated attackers to change the Login System setting to “Only administrators”, so the attack is available to any number of unauthorised users, with no account on the site required.

In both cases, an attacker who performs this unauthorised change can lock other users out: they can no longer log in, and therefore can no longer change the settings of the Disable User Login or Restrict Login Roles plugin to undo the change.

Restrict Login Roles plugin

The Restrict Login Roles plugin was reported to have an unspecified issue in its settings handling that allows unauthenticated attackers to change the Login System setting to “Only administrators”.
This is rated critical because an attacker with no account on the site can lock every non-administrator out; users who cannot log in also cannot change the settings of this plugin, or of any other plugin installed on the site, to recover.
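The weakness class described above for both plugins, a plugin settings update that is reachable without an authorization check, is easiest to understand next to its hardened form. The following is an added illustrative example written for this page; it is not code from the Disable User Login or Restrict Login Roles plugins, and the option name `rlr_login_system`, the action name `rlr_save` and the function names are hypothetical. It also shows why logging out and back in applies the change: the restriction is enforced in the authentication filter, which reads the option at each login.

```php
<?php
/*
 * Illustrative example, not code from either plugin. Option, action and
 * function names (rlr_*) are hypothetical. Runs inside WordPress as a plugin.
 */

// --- Weak pattern (shown for contrast, deliberately NOT registered below) ---
// If this were hooked on 'admin_post_nopriv_rlr_save', the request would be
// reachable without logging in, and nothing here checks who is asking.
function rlr_save_weak() {
    // No capability check and no nonce: whoever sends the POST decides who may log in.
    update_option( 'rlr_login_system', sanitize_text_field( $_POST['login_system'] ?? 'all' ) );
    wp_safe_redirect( admin_url( 'options-general.php?page=rlr' ) );
    exit;
}

// --- Hardened pattern: logged-in administrators with a valid nonce only ---
// Registered on 'admin_post_rlr_save' only; there is no *_nopriv hook, so
// unauthenticated requests never reach the handler at all.
add_action( 'admin_post_rlr_save', 'rlr_save_hardened' );
function rlr_save_hardened() {
    // Authorization: only users who may manage site options.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', '', array( 'response' => 403 ) );
    }
    // CSRF protection: the form must carry wp_nonce_field( 'rlr_save_settings' ).
    check_admin_referer( 'rlr_save_settings' );

    // Accept only known values, so a crafted request cannot store anything else.
    $allowed = array( 'all', 'only_administrators' );
    $value   = sanitize_text_field( wp_unslash( $_POST['login_system'] ?? 'all' ) );
    if ( ! in_array( $value, $allowed, true ) ) {
        $value = 'all';
    }
    update_option( 'rlr_login_system', $value );
    wp_safe_redirect( admin_url( 'options-general.php?page=rlr' ) );
    exit;
}

// --- Enforcement at login: this is why a re-login applies the new setting ---
add_filter( 'wp_authenticate_user', 'rlr_enforce_login_system', 10, 2 );
function rlr_enforce_login_system( $user, $password ) {
    if ( is_wp_error( $user ) ) {
        return $user; // earlier checks already failed
    }
    if ( 'only_administrators' === get_option( 'rlr_login_system', 'all' )
         && ! user_can( $user, 'manage_options' ) ) {
        // Existing sessions are untouched; the block is hit on the next login.
        return new WP_Error( 'rlr_restricted', 'Login is currently limited to administrators.' );
    }
    return $user;
}
```

When reviewing a plugin for this class of issue, look for every `admin_post_nopriv_*`, `wp_ajax_nopriv_*` or REST route without a `permission_callback` that leads to `update_option()`, and for handlers that call `update_option()` without both a `current_user_can()` check and a nonce check; either one missing is enough to let an attacker set the login restriction.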

Timeline

Published on: 10/10/2022 21:15:00 UTC
Last modified on: 10/11/2022 18:58:00 UTC

References