Source: wpvulndb
WPVDB-ID: 99A314E6-DBA3-4951-AAD5-DE66CFDB6327
History: Apr 11, 2024 - 12:00 a.m.

Sumo < 1.35 - Cross-Site Request Forgery

Published: 2024-04-11 00:00:00
Source: wpscan.com
Tags: sumo, wordpress, csrf, vulnerability, ajax_sumo_add_woocommerce_coupon, ajax_sumo_remove_woocommerce_coupon

CVSS3: 3.7
Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: LOW
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

AI Score: 6.1
Confidence: High
EPSS: 0
Percentile: 9.0%

Description

The Sumo plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.34. This is due to missing or incorrect nonce validation on the ajax_sumo_add_woocommerce_coupon and ajax_sumo_remove_woocommerce_coupon functions. This makes it possible for unauthenticated attackers to add and remove coupons via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link.
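As an added illustration (not the Sumo plugin's own code, which this page does not show), the following hypothetical WordPress admin-ajax handler models the class of bug the description refers to: a state-changing AJAX action with no nonce validation, shown next to the hardened form that verifies a nonce with check_ajax_referer() and checks the caller's capability. The handler, script and action names (example_add_coupon, example_coupon_action, coupon.js) are assumptions.

```php
<?php
// Added illustration, not the Sumo plugin's code. Hypothetical handler names.

// --- Vulnerable pattern: state change with no nonce and no capability check ---
// Any request carrying action=example_add_coupon reaches this code. Because the
// browser attaches the admin's session cookie automatically, a request triggered
// from a third-party page (the CSRF case in the advisory) is indistinguishable
// from one the admin made on purpose.
add_action( 'wp_ajax_example_add_coupon', 'example_add_coupon_vulnerable' );
function example_add_coupon_vulnerable() {
    $code = sanitize_text_field( wp_unslash( $_POST['coupon_code'] ?? '' ) );
    // The coupon would be created/applied here, e.g. via WooCommerce's API.
    wp_send_json_success( array( 'applied' => $code ) );
}

// --- Hardened pattern ---
// 1. The admin page that issues the request embeds a nonce bound to an action
//    name; the front-end script sends it back as the "security" POST field.
add_action( 'admin_enqueue_scripts', 'example_enqueue_coupon_script' );
function example_enqueue_coupon_script() {
    wp_enqueue_script( 'example-coupon', plugins_url( 'coupon.js', __FILE__ ), array( 'jquery' ), '1.0', true );
    wp_localize_script( 'example-coupon', 'exampleCoupon', array(
        'ajaxUrl' => admin_url( 'admin-ajax.php' ),
        'nonce'   => wp_create_nonce( 'example_coupon_action' ),
    ) );
}

// 2. The handler rejects the request (HTTP 403, execution stops) unless the
//    nonce matches, then confirms the caller holds the capability the change
//    requires. A link or form on an attacker-controlled page cannot supply a
//    valid nonce, so the forged request fails at the first check.
add_action( 'wp_ajax_example_add_coupon_secure', 'example_add_coupon_secure' );
function example_add_coupon_secure() {
    check_ajax_referer( 'example_coupon_action', 'security' );
    if ( ! current_user_can( 'manage_woocommerce' ) ) {
        wp_send_json_error( 'insufficient privileges', 403 );
    }
    $code = sanitize_text_field( wp_unslash( $_POST['coupon_code'] ?? '' ) );
    if ( '' === $code ) {
        wp_send_json_error( 'missing coupon code', 400 );
    }
    // State change goes here, only after both checks passed.
    wp_send_json_success( array( 'applied' => $code ) );
}
```

The same two checks apply to the remove-coupon counterpart; a handler that only checks the capability but not the nonce is still forgeable, because the admin's session already satisfies the capability check.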

