CVE-2021-4337

Published Jun 7, 2023

Last updated a year ago

CVSS high 8.8

Overview

Description: Sixteen XforWooCommerce Add-On Plugins for WordPress are vulnerable to authorization bypass due to a missing capability check on the wp_ajax_svx_ajax_factory function in various versions listed below. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to read, edit, or delete WordPress settings, plugin settings, and to arbitrarily list all users on a WordPress website. The plugins impacted are: Product Filter for WooCommerce < 8.2.0, Improved Product Options for WooCommerce < 5.3.0, Improved Sale Badges for WooCommerce < 4.4.0, Share, Print and PDF Products for WooCommerce < 2.8.0, Product Loops for WooCommerce < 1.7.0, XforWooCommerce < 1.7.0, Package Quantity Discount < 1.2.0, Price Commander for WooCommerce < 1.3.0, Comment and Review Spam Control for WooCommerce < 1.5.0, Add Product Tabs for WooCommerce < 1.5.0, Autopilot SEO for WooCommerce < 1.6.0, Floating Cart < 1.3.0, Live Search for WooCommerce < 2.1.0, Bulk Add to Cart for WooCommerce < 1.3.0, Live Product Editor for WooCommerce < 4.7.0, and Warranties and Returns for WooCommerce < 5.3.0.
Source: security@wordfence.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 8.8
Impact score: 5.9
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: CWE-862

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:xforwoocommerce:add_product_tabs:*:*:*:*:*:wordpress:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF32845C-A082-4218-A2DE-9E70FE404A5B",
            "versionEndExcluding": "1.5.0"
          },
          {
            "criteria": "cpe:2.3:a:xforwoocommerce:autopilot_seo:*:*:*:*:*:wordpress:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F2F6559F-BF4C-4963-BEBB-8D782606A4C4",
            "versionEndExcluding": "1.6.0"
          },
          {
            "criteria": "cpe:2.3:a:xforwoocommerce:bulk_add_to_cart:*:*:*:*:*:wordpress:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DA1EFA61-4DFF-4BAF-AD21-0FBEFDFB185B",
            "versionEndExcluding": "1.3.0"
          },
          {
            "criteria": "cpe:2.3:a:xforwoocommerce:comment_and_review_spam_control:*:*:*:*:*:wordpress:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A062382F-5B88-4ABD-9887-B1852DDD17E5",
            "versionEndExcluding": "1.5.0"
          },
          {
            "criteria": "cpe:2.3:a:xforwoocommerce:floating_cart:*:*:*:*:*:wordpress:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3CA7CE2F-63FF-4EAA-B3C6-393F43DA9F31",
            "versionEndExcluding": "1.3.0"
          },
          {
            "criteria": "cpe:2.3:a:xforwoocommerce:improved_product_options:*:*:*:*:*:wordpress:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1BBD259-8F51-4AF8-BE0A-04BEB2407F62",
            "versionEndExcluding": "5.3.0"
          },
          {
            "criteria": "cpe:2.3:a:xforwoocommerce:improved_sale_badges:*:*:*:*:*:wordpress:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C8FFD0C-805D-43FE-AF3E-2EF0EFD0231E",
            "versionEndExcluding": "4.4.0"
          },
          {
            "criteria": "cpe:2.3:a:xforwoocommerce:live_product_editor:*:*:*:*:*:wordpress:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2579E688-CAB2-4BAC-90A1-FF805A380C2B",
            "versionEndExcluding": "4.7.0"
          },
          {
            "criteria": "cpe:2.3:a:xforwoocommerce:live_search:*:*:*:*:*:wordpress:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D613DF5D-D003-4B93-81B8-0B58257B334B",
            "versionEndExcluding": "2.1.0"
          },
          {
            "criteria": "cpe:2.3:a:xforwoocommerce:package_quantity:*:*:*:*:*:wordpress:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B45F34B1-5F06-492E-A257-1ECD3374626A",
            "versionEndExcluding": "1.2.0"
          },
          {
            "criteria": "cpe:2.3:a:xforwoocommerce:price_commander:*:*:*:*:*:wordpress:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F591A0E8-4B35-4434-9081-C1F50D6F2992",
            "versionEndExcluding": "1.3.0"
          },
          {
            "criteria": "cpe:2.3:a:xforwoocommerce:product_filter:*:*:*:*:*:wordpress:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7753ADC1-DCDC-43FB-82E1-3504762FAF94",
            "versionEndExcluding": "8.2.0"
          },
          {
            "criteria": "cpe:2.3:a:xforwoocommerce:product_loops:*:*:*:*:*:wordpress:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B43756CF-DCF1-4BD6-AF3C-C3C564C9E85E",
            "versionEndExcluding": "1.7.0"
          },
          {
            "criteria": "cpe:2.3:a:xforwoocommerce:share\\,_print_and_pdf_products:*:*:*:*:*:wordpress:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A9523695-0B82-469A-8099-AF2E98D77D7B",
            "versionEndExcluding": "2.8.0"
          },
          {
            "criteria": "cpe:2.3:a:xforwoocommerce:warranties_and_returns:*:*:*:*:*:wordpress:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1887B1A-86B3-49A3-AF94-86AE04C24DE0",
            "versionEndExcluding": "5.3.0"
          },
          {
            "criteria": "cpe:2.3:a:xforwoocommerce:xforwoocommerce:*:*:*:*:*:wordpress:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EEE062F3-7EC3-4FBC-A5E9-CCE825C2B36F",
            "versionEndExcluding": "1.7.0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References