Back

CVE-2024-6500

Aug. 17, 2024, 3:15 a.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

InPost for WooCommerce plugin

  • up to 1.4.0

InPost PL plugin for WordPress

  • up to 1.4.4

Source

security@wordfence.com

Tags

security@wordfence.com
CWE-862
2024-08-17
CVE-2024-6500

CVE-2024-6500 details

Published : Aug. 17, 2024, 3:15 a.m.
Last Modified : Aug. 17, 2024, 3:15 a.m.

Description

The InPost for WooCommerce plugin and InPost PL plugin for WordPress are vulnerable to unauthorized access and deletion of data due to a missing capability check on the 'parse_request' function in all versions up to, and including, 1.4.0 (for InPost for WooCommerce) as well as 1.4.4 (for InPost PL). This makes it possible for unauthenticated attackers to read and delete arbitrary files on Windows servers. On Linux servers, only files within the WordPress install will be deleted, but all files can be read.

CVSS Score

1 2 3 4 5 6 7 8 9 10.0

Weakness

Weakness Name Description
CWE-862 Missing Authorization The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

CVSS Data

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

Base Score

10.0

Exploitability Score

3.9

Impact Score

5.8

Base Severity

CRITICAL

Vector String : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H

References

URL Source
https://plugins.trac.wordpress.org/browser/inpost-for-woocommerce/trunk/src/InspireLabs/WoocommerceInpost/EasyPack_Helper.php#L267 security@wordfence.com
https://plugins.trac.wordpress.org/browser/inpost-for-woocommerce/trunk/src/InspireLabs/WoocommerceInpost/EasyPack_Helper.php#L75 security@wordfence.com
https://plugins.trac.wordpress.org/browser/woo-inpost/trunk/classes/class-helper.php#L140 security@wordfence.com
https://plugins.trac.wordpress.org/browser/woo-inpost/trunk/classes/class-helper.php#L216 security@wordfence.com
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3115602%40inpost-for-woocommerce%2Ftrunk&old=3110579%40inpost-for-woocommerce%2Ftrunk&sfp_email=&sfph_mail= security@wordfence.com
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3125034%40woo-inpost%2Ftrunk&old=2886304%40woo-inpost%2Ftrunk&sfp_email=&sfph_mail= security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/7b57e750-71ec-4c52-999b-6c14a78c3bff?source=cve security@wordfence.com
This website uses the NVD API, but is not approved or certified by it.