PT-2024-17509 · WordPress · The Simple Ecommerce Shopping Cart Plugin
Lucio Sá · Published 2024-12-07 · Updated 2024-12-07 · CVE-2024-12253
CVSS v3.1: 5.4 (Medium)
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
The Simple Ecommerce Shopping Cart Plugin - Sell products through Paypal plugin for WordPress, versions up to and including 3.1.2
Description
The plugin performs no capability check on the 'save settings', 'export csv', and 'simpleecommcart-action' actions. As a result, authenticated users with subscriber-level access and above can update the plugin's settings and retrieve order and log data; the log data is also accessible to unauthenticated users.
Recommendations
For versions up to and including 3.1.2, update to a version that includes a fix for the missing capability check on the 'save settings', 'export csv', and 'simpleecommcart-action' actions. As a temporary workaround, restrict access to the plugin's settings and log data so that unauthorized users can neither update the settings nor retrieve the data.
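The weakness class above (an action handler reachable by any logged-in user because it never asks whether the caller may perform the action) is easiest to see next to its fix. The block below is an added illustration written for this entry; it is not the plugin's own code, and every hook, option and function name in it (example_save_settings, example_cart_settings, and so on) is hypothetical. It goes slightly beyond the advisory by also adding the nonce check that WordPress expects on state-changing actions.

```php
<?php
// Added illustration of a missing capability check on WordPress action
// handlers. NOT the plugin's code: all hook, option and function names below
// are hypothetical stand-ins.

// --- Vulnerable pattern: login alone reaches the handler --------------------
// admin_post_{action} fires for every authenticated user regardless of role,
// so a subscriber posting action=example_save_settings is served as well.
add_action( 'admin_post_example_save_settings', 'example_save_settings_unchecked' );

function example_save_settings_unchecked() {
    // No current_user_can() and no nonce check: the settings are overwritten
    // purely because the request is authenticated.
    update_option( 'example_cart_settings', wp_unslash( $_POST['settings'] ?? array() ) );
    wp_safe_redirect( wp_get_referer() );
    exit;
}

// --- Hardened pattern: capability + nonce on every privileged action --------
add_action( 'admin_post_example_save_settings_fixed', 'example_save_settings_checked' );
add_action( 'admin_post_example_export_csv', 'example_export_csv_checked' );

function example_require_capability( $capability, $nonce_action ) {
    // Authorization: refuse anyone who lacks the capability the action needs.
    if ( ! current_user_can( $capability ) ) {
        wp_die(
            esc_html__( 'You are not allowed to perform this action.', 'example' ),
            '',
            array( 'response' => 403 )
        );
    }
    // CSRF protection: the request must carry a nonce issued for this action
    // (the form emits it with wp_nonce_field( $nonce_action )).
    check_admin_referer( $nonce_action );
}

function example_save_settings_checked() {
    example_require_capability( 'manage_options', 'example_save_settings' );
    $raw = ( isset( $_POST['settings'] ) && is_array( $_POST['settings'] ) )
        ? wp_unslash( $_POST['settings'] )
        : array();
    // Sanitize each value before it is persisted.
    $clean = array_map( 'sanitize_text_field', $raw );
    update_option( 'example_cart_settings', $clean );
    wp_safe_redirect( wp_get_referer() );
    exit;
}

function example_export_csv_checked() {
    // Order data is sensitive: gate it behind an explicit capability,
    // not merely behind being logged in.
    example_require_capability( 'manage_options', 'example_export_csv' );

    // Constructed sample rows standing in for the plugin's stored orders.
    $orders = array(
        array( 'order_id' => 1001, 'total' => '19.99' ),
        array( 'order_id' => 1002, 'total' => '42.00' ),
    );

    header( 'Content-Type: text/csv' );
    header( 'Content-Disposition: attachment; filename="orders.csv"' );
    $out = fopen( 'php://output', 'w' );
    fputcsv( $out, array( 'order_id', 'total' ) );
    foreach ( $orders as $order ) {
        fputcsv( $out, $order );
    }
    fclose( $out );
    exit;
}

// Log data must never be exposed on a nopriv (unauthenticated) hook. Register
// the AJAX handler for logged-in users only, and still check the capability
// inside, because wp_ajax_ alone admits every role down to subscriber.
add_action( 'wp_ajax_example_view_log', 'example_view_log_checked' );

function example_view_log_checked() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    check_ajax_referer( 'example_view_log', 'nonce' );
    wp_send_json_success( get_option( 'example_cart_log', array() ) );
}
```

The point of the hardened handlers is that registration on a logged-in hook is not authorization: `admin_post_*` and `wp_ajax_*` only establish that a session exists, so each handler must itself call `current_user_can()` with the capability the action warrants, and `check_admin_referer()` or `check_ajax_referer()` so the request cannot be forged on an administrator's behalf. When reviewing a plugin for this weakness, grep every `add_action( 'admin_post_` , `wp_ajax_` and especially `admin_post_nopriv_` / `wp_ajax_nopriv_` registration and confirm the callback performs both checks before touching options or emitting data.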
Weakness Enumeration
Missing Authorization
Related Identifiers
CVE-2024-12253
Affected Products
The Simple Ecommerce Shopping Cart Plugin