CRITICAL🇵🇱 Wersja polska

CVE-2024-8277

CVSS 9.8v3.1pub. 2024-09-11upd. 2024-09-26

The WooCommerce Photo Reviews Premium plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.3.13.2. This is due to the plugin not properly validating what user transient is being used in the login() function and not properly verifying the user's identity. This makes it possible for unauthenticated attackers to log in as user that has dismissed an admin notice in the past 30 days, which is often an administrator. Alternatively, a user can log in as any user with any transient that has a valid user_id as the value, though it would be more difficult to exploit this successfully.

🤖 AI Analysis
How it works

The plugin does not properly verify which user transient is being used in the login() function, nor does it properly verify user identity. An attacker without any privileges can log in as a user who has rejected an administrative notification within the last 30 days — most often this is an administrator. Alternatively, it is possible to log in as any user if the attacker has a transient containing the correct user_id as a value, although this path is more difficult to exploit.

Impact

An attacker can take control of a WordPress administrator account or other user account, leading to complete website takeover — including content modification, installation of malicious plugins, and data breach.

Mitigation & patch

The WooCommerce Photo Reviews Premium plugin must be updated immediately to a version higher than 1.3.13.2. Patches available from the vendor should be applied according to references.

Who is affected

WooCommerce Photo Reviews Premium plugin for WordPress in all versions up to and including 1.3.13.2.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Villatheme Woocommerce Photo Reviews

    APP
    Villatheme
    < 1.3.14
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2022-41623HIGH7.5ten sam vendor

Sensitive Data Exposure in Villatheme ALD - AliExpress Dropshipping and Fulfillment for WooCommerce premium pl...

CVE-2022-1037HIGH7.2ten sam vendor

The EXMAGE WordPress plugin before 1.0.7 does to ensure that images added via URLs are external images, which ...

CVE-2024-12861MEDIUM6.5ten sam vendor

The W2S – Migrate WooCommerce to Shopify plugin for WordPress is vulnerable to Arbitrary File Read in all vers...

CVE-2024-49288MEDIUM5.9ten sam vendor

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VillaThe...

CVE-2024-1686MEDIUM4.3ten sam vendor

The Thank You Page Customizer for WooCommerce – Increase Your Sales plugin for WordPress is vulnerable to miss...