Lucene search
Francesco CarlucciWPEX-ID:7B4D4675-6089-4435-9B56-31496ADC4767HistoryFeb 02, 2022 - 12:00 a.m.
Custom Content Shortcode < 4.0.1 - Unauthorised Arbitrary Post Metadata Access
2022-02-0200:00:00
Francesco Carlucci
88
woocommerce plugin
arbitrary post metadata access
unauthorised access
EPSS
0.001
Percentile
24.8%
The [field] shortcode included with the plugin, allows authenticated users with a role as low as contributor, to access arbitrary post metadata. This could lead to sensitive data disclosure, for example when used in combination with WooCommerce, the email address of orders can be retrieved
With the WooCommerce plugin installed, add the following shortcode in a post as a contributor: [field _billing_email id="{order_id}"]
This would print out the order billing email, which contributors should have no access to!
This is valid for any post where the user is not allowed to access, but can use the shortcode to extrafiltrate any data by key/id.Related
prion
prion
Code injection
2022-03-07 09:15:00
cnvd
cnvd
WordPress Custom Content Shortcode plugin unauthorized access vulnerability
2022-03-09 00:00:00
nvd
nvd
CVE-2021-24824
2022-03-07 09:15:08
patchstack
patchstack
cvelist
cvelist
wpvulndb
wpvulndb
cve
cve
CVE-2021-24824
2022-03-07 09:15:08