WordPress Plugin Vulnerabilities

WPC Frequently Bought Together for WooCommerce < 7.0.4 - Missing Authorization

Description

The WPC Frequently Bought Together for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the ajax_get_search_results, ajax_import_export, and ajax_import_export_save functions in versions up to, and including, 7.0.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform unauthorized actions.

Affects Plugins

Plugin icon
woo-bought-together
Fixed in 7.0.4

References

CVE
CVE-2024-32687
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/c2e98359-6b38-4132-9699-a0180813bff3

Classification

Type
NO AUTHORISATION
OWASP top 10
A5: Broken Access Control
CWE
CWE-862
CVSS
4.3 (medium)

Miscellaneous

Original Researcher
Abdi Pranata
Verified
No
WPVDB ID
cdc0798a-f945-4d30-91b9-ec716ffa22ed

Timeline

Publicly Published
2024-04-17 (about 24 days ago)
Added
2024-04-23 (about 17 days ago)
Last Updated
2024-04-23 (about 17 days ago)

Other

Published
Title
Published
2024-04-29
Title
Progressive WordPress (PWA) <= 2.1.13 - Missing Authorization
Published
2024-02-06
Title
Podlove Podcast Publisher < 4.0.12 - Missing Authorization to Unauthenticated Data Export
Published
2024-04-17
Title
WP Social Comments < 1.7.4 - Missing Authorization via wpfc_allow_comments()
Published
2023-10-16
Title
Broken Link Checker | Finder < 2.5.0 - Missing Authorization via moblc_auth_save_settings
Published
2023-12-06
Title
System Dashboard < 2.8.8 - Missing Authorization to Information Disclosure (sd_php_info)