CVE-2024-5324

The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'import_settings' function in versions 2.7.1 to 2.7.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary options on affected sites. This can be used to enable new user registration and set the default role for new users to Administrator.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://plugins.trac.wordpress.org/browser/easy-login-woocommerce/trunk/includes/xoo-framework/admin/class-xoo-admin-settings.php#L83	Patch
https://plugins.trac.wordpress.org/changeset/3093994/	Patch
https://www.wordfence.com/threat-intel/vulnerabilities/id/005a27c6-b9eb-466c-b0c3-ce52c25bb321?source=cve	Third Party Advisory
https://plugins.trac.wordpress.org/browser/easy-login-woocommerce/trunk/includes/xoo-framework/admin/class-xoo-admin-settings.php#L83	Patch
https://plugins.trac.wordpress.org/changeset/3093994/	Patch
https://www.wordfence.com/threat-intel/vulnerabilities/id/005a27c6-b9eb-466c-b0c3-ce52c25bb321?source=cve	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:xootix:login\/signup_popup:2.7.1:::::wordpress::
	cpe:2.3:a:xootix:login\/signup_popup:2.7.2:::::wordpress::
	cpe:2.3:a:xootix:otp_login_woocommerce_\&_gravity_forms::::::wordpress::*
	cpe:2.3:a:xootix:side_cart_woocommerce:2.5:::::wordpress::
	cpe:2.3:a:xootix:waitlist_woocommerce::::::wordpress::*

History

21 Nov 2024, 09:47

Type	Values Removed	Values Added
References	~~() https://plugins.trac.wordpress.org/browser/easy-login-woocommerce/trunk/includes/xoo-framework/admin/class-xoo-admin-settings.php#L83 - Patch~~	() https://plugins.trac.wordpress.org/browser/easy-login-woocommerce/trunk/includes/xoo-framework/admin/class-xoo-admin-settings.php#L83 - Patch
References	~~() https://plugins.trac.wordpress.org/changeset/3093994/ - Patch~~	() https://plugins.trac.wordpress.org/changeset/3093994/ - Patch
References	~~() https://www.wordfence.com/threat-intel/vulnerabilities/id/005a27c6-b9eb-466c-b0c3-ce52c25bb321?source=cve - Third Party Advisory~~	() https://www.wordfence.com/threat-intel/vulnerabilities/id/005a27c6-b9eb-466c-b0c3-ce52c25bb321?source=cve - Third Party Advisory

24 Jul 2024, 17:42

Type	Values Removed	Values Added
CPE		cpe:2.3:a:xootix:otp_login_woocommerce_\&_gravity_forms::::::wordpress::* cpe:2.3:a:xootix:side_cart_woocommerce:2.5:::::wordpress:: cpe:2.3:a:xootix:waitlist_woocommerce::::::wordpress::* cpe:2.3:a:xootix:login\/signup_popup:2.7.2:::::wordpress:: cpe:2.3:a:xootix:login\/signup_popup:2.7.1:::::wordpress::
First Time		Xootix otp Login Woocommerce \& Gravity Forms Xootix Xootix waitlist Woocommerce Xootix side Cart Woocommerce Xootix login\/signup Popup
CWE		CWE-863
References	~~() https://plugins.trac.wordpress.org/browser/easy-login-woocommerce/trunk/includes/xoo-framework/admin/class-xoo-admin-settings.php#L83 -~~	() https://plugins.trac.wordpress.org/browser/easy-login-woocommerce/trunk/includes/xoo-framework/admin/class-xoo-admin-settings.php#L83 - Patch
References	~~() https://plugins.trac.wordpress.org/changeset/3093994/ -~~	() https://plugins.trac.wordpress.org/changeset/3093994/ - Patch
References	~~() https://www.wordfence.com/threat-intel/vulnerabilities/id/005a27c6-b9eb-466c-b0c3-ce52c25bb321?source=cve -~~	() https://www.wordfence.com/threat-intel/vulnerabilities/id/005a27c6-b9eb-466c-b0c3-ce52c25bb321?source=cve - Third Party Advisory

06 Jun 2024, 14:17

Type	Values Removed	Values Added
Summary		(es) El complemento Login/Signup Popup (Inline Form + Woocommerce) para WordPress es vulnerable a modificaciones no autorizadas de datos debido a una falta de verificación de capacidad en la función 'import_settings' en las versiones 2.7.1 a 2.7.2. Esto hace posible que atacantes autenticados, con acceso de nivel de suscriptor y superior, cambien opciones arbitrarias en los sitios afectados. Esto se puede utilizar para habilitar el registro de nuevos usuarios y establecer la función predeterminada para los nuevos usuarios en Administrador.

06 Jun 2024, 02:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-06-06 02:15

Updated : 2024-11-21 09:47

NVD link : CVE-2024-5324

Mitre link : CVE-2024-5324

CVE.ORG link : CVE-2024-5324

JSON object : View

Products Affected

xootix

waitlist_woocommerce
otp_login_woocommerce_\&_gravity_forms
login\/signup_popup
side_cart_woocommerce

CWE

CWE-863

Incorrect Authorization

8.8 /10