The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to improper missing encryption exception handling on the 'fea_encrypt' function in all versions up to, and including, 3.19.4. This makes it possible for unauthenticated attackers to manipulate the user processing forms, which can be used to add and edit administrator user for privilege escalation, or to automatically log in users for authentication bypass, or manipulate the post processing form that can be used to inject arbitrary web scripts. This can only be exploited if the 'openssl' php extension is not loaded on the server.
The vulnerability results from improper handling of the missing PHP 'openssl' extension by the 'fea_encrypt' function. When the 'openssl' extension is not loaded on the server, an attacker can manipulate forms that process users and posts. This allows creating or editing accounts with administrator privileges, automatic login as any user (authentication bypass), and injecting arbitrary web scripts in post processing forms (XSS). A necessary condition for exploiting the vulnerability is the absence of the 'openssl' extension loaded in the PHP server configuration.
An unauthenticated attacker can gain full administrative access to the WordPress site (privilege escalation), log in as any user (authentication bypass), or inject and execute malicious web scripts (XSS) leading to further compromise of the service.
The Frontend Admin plugin by DynamiApps should be updated to a version higher than 3.19.4 according to the manufacturer's references. Additionally, it is recommended to ensure that the PHP 'openssl' extension is loaded on the server, which eliminates the necessary condition for exploiting this vulnerability.
Frontend Admin by DynamiApps plugin for WordPress, all versions up to and including 3.19.4, when the PHP 'openssl' extension is not loaded on the server.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HDynamiapps Frontend Admin
APPDynamiapps< 3.19.5
Related vulnerabilities
Nieuwierzytelniony upload dowolnych plików w WordPress Frontend Admin by DynamiApps
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shabti K...
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via submiss...
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to privilege escalation in all versions up...
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to SQL Injection via the 'orderby' paramet...