Lucene search

WordfenceVULNRICHMENT:CVE-2024-8277

HistorySep 11, 2024 - 8:31 a.m.

CVE-2024-8277 WooCommerce Photo Reviews Premium <= 1.3.13.2 - Authentication Bypass to Account Takeover and Privilege Escalation

2024-09-1108:31:05

CWE-288

Wordfence

github.com

woocommerce

photo reviews

wordpress

authentication bypass

account takeover

privilege escalation

vulnerable plugin

user transient

unauthenticated attackers

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.4

Confidence

Low

EPSS

0.001

Percentile

39.7%

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

The WooCommerce Photo Reviews Premium plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.3.13.2. This is due to the plugin not properly validating what user transient is being used in the login() function and not properly verifying the user’s identity. This makes it possible for unauthenticated attackers to log in as user that has dismissed an admin notice in the past 30 days, which is often an administrator. Alternatively, a user can log in as any user with any transient that has a valid user_id as the value, though it would be more difficult to exploit this successfully.

References

codecanyon.net/item/woocommerce-photo-reviews/21245349

www.wordfence.com/threat-intel/vulnerabilities/id/a1e2d370-a716-4d6b-8e23-74db2fbd0760?source=cve

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.4

Confidence

Low

EPSS

0.001

Percentile

39.7%

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

Related for VULNRICHMENT:CVE-2024-8277