CVE-2024-8290

The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.7.12 via the WCFM_Customers_Manage_Controller::processing function due to missing validation on the ID user controlled key. This makes it possible for authenticated attackers, with subscriber/customer-level access and above, to change the email address of administrator user accounts which allows them to reset the password and access the administrator account.
Configurations

Configuration 1 (hide)

cpe:2.3:a:wclovers:frontend_manager_for_woocommerce_along_with_bookings_subscription_listings_compatible:*:*:*:*:*:wordpress:*:*

History

02 Oct 2024, 18:23

Type Values Removed Values Added
First Time Wclovers
Wclovers frontend Manager For Woocommerce Along With Bookings Subscription Listings Compatible
CPE cpe:2.3:a:wclovers:frontend_manager_for_woocommerce_along_with_bookings_subscription_listings_compatible:*:*:*:*:*:wordpress:*:*
References () https://plugins.trac.wordpress.org/browser/wc-frontend-manager/tags/6.7.12/controllers/customers/wcfm-controller-customers-manage.php#L97 - () https://plugins.trac.wordpress.org/browser/wc-frontend-manager/tags/6.7.12/controllers/customers/wcfm-controller-customers-manage.php#L97 - Product
References () https://plugins.trac.wordpress.org/changeset/3156433/wc-frontend-manager/trunk/controllers/customers/wcfm-controller-customers-manage.php - () https://plugins.trac.wordpress.org/changeset/3156433/wc-frontend-manager/trunk/controllers/customers/wcfm-controller-customers-manage.php - Patch
References () https://www.wordfence.com/threat-intel/vulnerabilities/id/79172fe3-c0cf-48c4-8bc5-862c628c1a09?source=cve - () https://www.wordfence.com/threat-intel/vulnerabilities/id/79172fe3-c0cf-48c4-8bc5-862c628c1a09?source=cve - Third Party Advisory

26 Sep 2024, 13:32

Type Values Removed Values Added
Summary
  • (es) El complemento WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible para WordPress es vulnerable a la referencia directa a objetos inseguros en todas las versiones hasta la 6.7.12 incluida a través de la función WCFM_Customers_Manage_Controller::processing debido a la falta de validación en la clave controlada por el usuario de ID. Esto hace posible que los atacantes autenticados, con acceso de nivel de suscriptor/cliente y superior, cambien la dirección de correo electrónico de las cuentas de usuario de administrador, lo que les permite restablecer la contraseña y acceder a la cuenta de administrador.

25 Sep 2024, 07:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-25 07:15

Updated : 2024-10-02 18:23


NVD link : CVE-2024-8290

Mitre link : CVE-2024-8290

CVE.ORG link : CVE-2024-8290


JSON object : View

Products Affected

wclovers

  • frontend_manager_for_woocommerce_along_with_bookings_subscription_listings_compatible
CWE
CWE-639

Authorization Bypass Through User-Controlled Key