Lucene search

WordfenceCVELIST:CVE-2021-4355

HistoryJun 07, 2023 - 1:51 a.m.

CVE-2021-4355

2023-06-0701:51:24

Wordfence

www.cve.org

welcart

e-commerce

wordpress

authorization bypass

capability checks

admin_init

unauthenticated attackers

download lists

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.001 Low

EPSS

Percentile

39.5%

JSON

The Welcart e-Commerce plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on the download_orderdetail_list(), change_orderlist(), and download_member_list() functions called via admin_init hooks in versions up to, and including, 2.2.7. This makes it possible for unauthenticated attackers to download lists of members, products and orders.

CNA Affected

[
  {
    "vendor": "uscnanbu",
    "product": "Welcart e-Commerce",
    "versions": [
      {
        "version": "*",
        "status": "affected",
        "lessThan": "2.2.8",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

blog.nintechnet.com/wordpress-welcart-e-commerce-plugin-fixed-vulnerabilities/

www.wordfence.com/threat-intel/vulnerabilities/id/671f5ba5-1f18-49fa-aa97-eaebdb3417bb?source=cve

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.001 Low

EPSS

Percentile

39.5%

JSON

Related for CVELIST:CVE-2021-4355