PT-2022-13595 · Woocommerce · The Product Table For Woocommerce

Mark Costlow

Published

2022-04-18

Updated

2022-05-10

CVE-2022-1020

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions The Product Table for WooCommerce (wooproducttable) versions prior to 3.1.2

Description The issue concerns the lack of authorization and CSRF checks in the wpt admin update notice option AJAX action, which is accessible to both unauthenticated and authenticated users. Additionally, the callback parameter is not validated, allowing unauthenticated attackers to call arbitrary functions with either no or one user-controlled argument.

Recommendations For versions prior to 3.1.2, update to version 3.1.2 or later to resolve the issue. As a temporary workaround, consider disabling the wpt admin update notice option AJAX action until a patch is available. Restrict access to the wpt admin update notice option AJAX endpoint to minimize the risk of exploitation. Avoid using the callback parameter in the affected AJAX endpoint until the issue is resolved.

Exploit

Fix

Missing Authorization

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862CWE-352

Related Identifiers

CVE-2022-1020

Affected Products

The Product Table For Woocommerce

PT-2022-13595 · Woocommerce · The Product Table For Woocommerce

CVE-2022-1020

Weakness Enumeration

Related Identifiers

Affected Products

References · 6