CVE-2024-3097 Scanner
CVE-2024-3097 scanner - Unauthenticated Information Disclosure vulnerability in NextGEN Gallery
Short Info
Level: Medium
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 sec
Time Interval: 816 sec
Scan only one: Url
NextGEN Gallery is a popular WordPress plugin used by website owners to manage and display image galleries. It is widely utilized by photographers, artists, and bloggers to showcase their visual content. The plugin allows users to upload, organize, and publish galleries with ease. Additionally, it supports various gallery styles and provides an intuitive interface for managing images. The vulnerability check focuses on unauthorized access to sensitive data within the plugin.
The vulnerability in NextGEN Gallery allows unauthenticated attackers to access sensitive image metadata. This occurs due to a missing capability check in the get_item function. Exploiting this flaw, attackers can extract EXIF and other metadata from any uploaded image. The vulnerability affects versions up to and including 3.59.
The NextGEN Gallery plugin performs no authorization check in the get_item function that backs one of its REST API endpoints. The vulnerable endpoint is "/wp-json/ngg/v1/admin/block/image/1", which can be accessed without authentication. Because the plugin never verifies user permissions, attackers can retrieve image metadata, including EXIF data that may expose location and camera details.
Exploitation of this vulnerability can lead to the exposure of sensitive image metadata. Attackers may use this information to gain insights into user activity, including location data from EXIF metadata. This could result in privacy breaches and unauthorized tracking of individuals. Furthermore, the disclosure of metadata might aid in planning further attacks or social engineering schemes. The vulnerability poses a risk to user privacy and security.
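A log-review sketch for the endpoint named above, added here as an example and not part of the original page or the plugin: it scans web-server access logs in Combined Log Format for successful GET requests to the image route, including WordPress's ?rest_route= form, and lists the image IDs each client fetched. The sample lines, the function names and the reading of the trailing path segment as an image ID are assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs, unquote

# Route named on this page; the trailing segment is treated as the image ID (assumption).
ROUTE = re.compile(r"(?:^|/wp-json)/ngg/v1/admin/block/image/(\d+)/?$")
# Combined Log Format: ip ident user [time] "METHOD target PROTO" status size ...
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([A-Z]+) (\S+) [^"]*" (\d{3}) ')


def image_id(target):
    """Return the image ID if the request target hits the route, else None."""
    parts = urlsplit(target)
    # WordPress serves REST routes under /wp-json/ and via the ?rest_route= query form.
    candidates = [unquote(parts.path)] + parse_qs(parts.query).get("rest_route", [])
    for candidate in candidates:
        m = ROUTE.search(candidate)
        if m:
            return int(m.group(1))
    return None


def review(log_lines):
    """Map client IP -> sorted image IDs it fetched with a 200 response."""
    hits = defaultdict(set)
    for line in log_lines:
        m = LINE.match(line)
        if not m:
            continue  # not a Combined Log Format line
        ip, method, target, status = m.groups()
        img = image_id(target)
        if method == "GET" and status == "200" and img is not None:
            hits[ip].add(img)
    return {ip: sorted(ids) for ip, ids in hits.items()}


SAMPLE = [  # constructed log lines using documentation-range addresses
    '203.0.113.7 - - [01/Apr/2024:10:00:01 +0000] "GET /wp-json/ngg/v1/admin/block/image/1 HTTP/1.1" 200 512 "-" "curl/8.0"',
    '203.0.113.7 - - [01/Apr/2024:10:00:02 +0000] "GET /wp-json/ngg/v1/admin/block/image/2 HTTP/1.1" 200 498 "-" "curl/8.0"',
    '203.0.113.7 - - [01/Apr/2024:10:00:03 +0000] "GET /?rest_route=%2Fngg%2Fv1%2Fadmin%2Fblock%2Fimage%2F3 HTTP/1.1" 200 530 "-" "curl/8.0"',
    '198.51.100.4 - - [01/Apr/2024:10:05:00 +0000] "GET /wp-json/ngg/v1/admin/block/image/1 HTTP/1.1" 401 120 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [01/Apr/2024:10:06:00 +0000] "GET /wp-json/wp/v2/posts HTTP/1.1" 200 9000 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    print(review(SAMPLE))
```

Access logs do not record whether a request carried a valid session, so a hit is a lead to correlate with logged-in editor activity. A client that walks many image IDs in sequence is the pattern to look at first.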
References:
- https://plugins.trac.wordpress.org/browser/nextgen-gallery/trunk/src/REST/Admin/Block.php#L40
- https://www.wordfence.com/threat-intel/vulnerabilities/id/75f87f99-9f0d-46c2-a6f1-3c1ea0176303?source=cve
- https://zpbrent.github.io/pocs/8-plugin-nextgen-gallery-InfoDis-20240327.mp4
- https://github.com/fkie-cad/nvd-json-data-feeds