🔴 《严重安全漏洞：CVE-2026-12415》

CVSS 评分: 严重（9.8）　　状态: Received　　发布时间: 2026-06-27

---

英文原文描述

The Invoice Generator plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the pravel_invoice_edit_account() AJAX action in versions up to, and including, 1.0.0. The handler is exposed via wp_ajax_nopriv_pravel_invoice_edit_account, accepts an attacker-controlled user_id and user_email from POST data, and calls wp_update_user() without verifying authentication, ownership, or a nonce. This makes it possible for unauthenticated attackers to change the email address of any user, including administrators, and then trigger WordPress's password reset flow to gain access to the targeted account.

---

🔍 技术细节

字段	值
CVE ID	CVE-2026-12415
CVSS 评分	9.8 🔴
严重程度	严重
CVSS 向量	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE 分类	CWE-269
发布时间	2026-06-27
最后更新	2026-06-27
状态	Received
数据来源	security@wordfence.com

---

🔗 参考链接

• https://plugins.trac.wordpress.org/browser/invoice-creator/trunk/lib/user-manage-function.php#L184

• https://plugins.trac.wordpress.org/browser/invoice-creator/trunk/lib/user-manage-function.php#L193

• https://plugins.trac.wordpress.org/browser/invoice-creator/trunk/lib/user-manage-function.php#L203

• https://www.wordfence.com/threat-intel/vulnerabilities/id/ee045d0d-101a-4ae2-b209-4a4865eec195?source=cve

• NVD 正式页面: https://nvd.nist.gov/vuln/detail/CVE-2026-12415

---

🤖 本文由 CVE 安全快讯机器人自动生成
英文描述已由 AI 自动翻译为中文，仅供参考，请以原文为准
数据来源: NVD (National Vulnerability Database) | 获取时间: 2026-06-27 18:06