CVE-2024-8277

EPSS 1.65%
Veröffentlicht 11.09.2024 09:15:02
Zuletzt bearbeitet 26.09.2024 14:39:20
Quelle security@wordfence.com
CVE-Watchlists
Login
Unerledigt
Login

WooCommerce Photo Reviews Premium <= 1.3.13.2 - Authentication Bypass to Account Takeover and Privilege Escalation

The WooCommerce Photo Reviews Premium plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.3.13.2. This is due to the plugin not properly validating what user transient is being used in the login() function and not properly verifying the user's identity. This makes it possible for unauthenticated attackers to log in as user that has dismissed an admin notice in the past 30 days, which is often an administrator. Alternatively, a user can log in as any user with any transient that has a valid user_id as the value, though it would be more difficult to exploit this successfully.

Mögliche Gegenmaßnahme

WooCommerce Photo Reviews Premium: Update to version 1.3.14, or a newer patched version

Betroffene Produkte Warnungen 0 Metriken 2 CWE 2 Referenzen 6

NVD 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Villatheme ≫ Woocommerce Photo Reviews SwPlatformwordpress Version < 1.3.14

Weitere Schwachstelleninformationen

SystemWordPress Plugin

≫

Produkt WooCommerce Photo Reviews Premium

Version *-1.3.13.2

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.65%	0.734

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security@wordfence.com	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-288 Authentication Bypass Using an Alternate Path or Channel

The product requires authentication, but the product has an alternate path or channel that does not require authentication.

CWE-306 Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

https://codecanyon.net/item/woocommerce-photo-reviews/21245349

Product

https://www.wordfence.com/threat-intel/vulnerabilities/id/a1e2d370-a716-4d6b-8e23-74db2fbd0760?source=cve

Third Party Advisory

https://www.wordfence.com/threat-intel/vulnerabilities/id/a1e2d370-a716-4d6b-8e23-74db2fbd0760

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-8277

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-8277

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-8277

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-8277