01 Description (what the vulnerability does)
The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization on the `/wp-json/kivicare/v1/setup-wizard/clinic` REST API endpoint in all versions up to, and including, 4.1.2. This makes it possible for unauthenticated attackers to create a new clinic and a WordPress user with clinic admin privileges.
02 Summary (explanation of the vulnerability in simple terms)
KiviCare versions up to 4.1.2 lack proper authorization checks, allowing unauthenticated attackers to modify data through network requests. An attacker can change records without needing valid credentials or user interaction. The vulnerability affects the clinic management system's data integrity but does not expose sensitive information or disrupt availability.
03 Attacker Capabilities (what an attacker can do)
Modify clinic or patient records without authentication.
04 Site Impact (potential impact on your site)
Patient or clinic data can be altered by unauthorized parties, compromising record accuracy and compliance.
05 Prerequisites (conditions required to exploit)
Network access to the KiviCare installation; no authentication or user interaction required.
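The root cause described above is a REST route whose permission check lets unauthenticated requests through. The following is an added example, not KiviCare's own code: it shows the weak WordPress route registration pattern next to a hardened one that requires an authenticated, privileged user. The route path is the one named in the advisory; the handler name, function names and the `manage_options` capability are assumptions for illustration.

```php
<?php
// Added example (hypothetical, not the plugin's code). Only the route path
// comes from the advisory; everything else is assumed for illustration.

// Weak pattern: a permission_callback that always returns true makes the
// endpoint public, so any network client can reach the handler. Omitting
// permission_callback entirely has the same effect (WordPress 5.5+ logs a
// _doing_it_wrong notice but still serves the route).
function example_register_clinic_route_unsafe() {
    register_rest_route( 'kivicare/v1', '/setup-wizard/clinic', array(
        'methods'             => WP_REST_Server::CREATABLE,
        'callback'            => 'example_create_clinic',   // hypothetical handler
        'permission_callback' => '__return_true',           // no authorization
    ) );
}

// Hardened pattern: refuse the request unless the caller is logged in with
// an administrative capability. Cookie-authenticated REST calls are also
// required by WordPress core to carry a valid X-WP-Nonce, so CSRF is covered
// without extra code here.
function example_register_clinic_route_hardened() {
    register_rest_route( 'kivicare/v1', '/setup-wizard/clinic', array(
        'methods'             => WP_REST_Server::CREATABLE,
        'callback'            => 'example_create_clinic',   // hypothetical handler
        'permission_callback' => function ( WP_REST_Request $request ) {
            // Capability chosen for illustration; a real plugin should use the
            // narrowest capability that legitimately covers clinic setup.
            if ( ! current_user_can( 'manage_options' ) ) {
                return new WP_Error(
                    'rest_forbidden',
                    'You are not allowed to create clinics.',
                    // 401 for anonymous callers, 403 for logged-in users
                    // lacking the capability.
                    array( 'status' => rest_authorization_required_code() )
                );
            }
            return true;
        },
    ) );
}

// Hypothetical handler body; the real plugin's logic is not shown here.
function example_create_clinic( WP_REST_Request $request ) {
    return rest_ensure_response( array( 'created' => true ) );
}

// Only the hardened registration is hooked; the unsafe one is kept for contrast.
add_action( 'rest_api_init', 'example_register_clinic_route_hardened' );
```

A quick defender's check for any installed plugin is to grep its `register_rest_route` calls for `'__return_true'` or a missing `permission_callback` and confirm each such route is intentionally public.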
06 Disclosure timeline (key dates)
March 18, 2026: CVE published
April 8, 2026: Record updated