The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to privilege escalation and account takeover in all versions up to, and including, 16.26.8. This is due to the plugin not properly verifying a user's identity during new order creation. This makes it possible for unauthenticated attackers to supply any email address through the user_email field and update the password for that user during new order creation. Exploitation requires the commerce add-on to be enabled.
History
12 Sep 2024, 12:37
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:plechevandrey:wp-recall:*:*:*:*:*:wordpress:*:* | |
First Time | Plechevandrey wp-recall, Plechevandrey | |
References | https://plugins.trac.wordpress.org/browser/wp-recall/tags/16.26.8/add-on/commerce/classes/class-rcl-create-order.php#L127 - Product | |
References | https://plugins.trac.wordpress.org/browser/wp-recall/tags/16.26.8/add-on/commerce/functions-frontend.php#L113 - Product | |
References | https://plugins.trac.wordpress.org/browser/wp-recall/tags/16.26.8/rcl-functions.php#L1339 - Product | |
References | https://plugins.trac.wordpress.org/changeset/3145798/wp-recall/trunk/add-on/commerce/classes/class-rcl-create-order.php - Patch | |
References | https://www.wordfence.com/threat-intel/vulnerabilities/id/8fa4b5df-dc71-49de-880b-895eb1d9cdca?source=cve - Third Party Advisory | |
06 Sep 2024, 12:08
Type | Values Removed | Values Added |
---|---|---|
Summary | | |
06 Sep 2024, 07:15
Type | Values Removed | Values Added |
---|---|---|
New CVE | | |
Information
Published : 2024-09-06 07:15
Updated : 2024-09-12 12:37
NVD link : CVE-2024-8292
Mitre link : CVE-2024-8292
CVE.ORG link : CVE-2024-8292
Products Affected
plechevandrey
- wp-recall
CWE
CWE-639
Authorization Bypass Through User-Controlled Key