The WooCommerce Order Proposal plugin for WordPress is vulnerable to privilege escalation via order proposal in all versions up to and including 2.0.5. This is due to the improper implementation of the allow_payment_without_login function. This makes it possible for authenticated attackers, with Shop Manager-level access and above, to log in to WordPress as an arbitrary user account, including administrators.
History

Fri, 25 Oct 2024 16:45:00 +0000

Type                 Values Removed   Values Added
First Time appeared                   Wpovernight
                                      Wpovernight woocommerce Order Proposal
CPEs                                  cpe:2.3:a:wpovernight:woocommerce_order_proposal:*:*:*:*:*:wordpress:*:*
Vendors & Products                    Wpovernight
                                      Wpovernight woocommerce Order Proposal

Wed, 23 Oct 2024 14:15:00 +0000

Type                 Values Removed   Values Added
First Time appeared                   Wordpress
                                      Wordpress woocommerce Order Proposal
CPEs                                  cpe:2.3:a:wordpress:woocommerce_order_proposal:*:*:*:*:*:*:*:*
Vendors & Products                    Wordpress
                                      Wordpress woocommerce Order Proposal
Metrics                               ssvc: {"options": {"Automatable": "no", "Exploitation": "none", "Technical Impact": "total"}, "version": "2.0.3"}


Wed, 23 Oct 2024 02:15:00 +0000

Type                 Values Removed   Values Added
Description                           The WooCommerce Order Proposal plugin for WordPress is vulnerable to privilege escalation via order proposal in all versions up to and including 2.0.5. This is due to the improper implementation of the allow_payment_without_login function. This makes it possible for authenticated attackers, with Shop Manager-level access and above, to log in to WordPress as an arbitrary user account, including administrators.
Title                                 WooCommerce Order Proposal <= 2.0.5 - Authenticated (Shop Manager+) Privilege Escalation via Order Proposal
Weaknesses                            CWE-287
References
Metrics                               cvssV3_1: {"score": 7.2, "vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}


MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2024-10-23T02:06:04.052Z

Updated: 2024-10-23T14:06:19.510Z

Reserved: 2024-10-14T10:19:11.102Z

Link: CVE-2024-9927

Vulnrichment

Updated: 2024-10-23T14:06:13.005Z

NVD

Status : Analyzed

Published: 2024-10-23T02:15:07.467

Modified: 2024-10-25T16:29:27.300

Link: CVE-2024-9927

Redhat

No data.