CVE-2022-3995

Опубликовано: 29 нояб. 2022

Источник: nvd

CVSS3: 4.3

EPSS Низкий

Описание

The TeraWallet plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 1.4.3. This is due to insufficient validation of the user-controlled key on the lock_unlock_terawallet AJAX action. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to lock/unlock other users wallets.

Ссылки

https://plugins.trac.wordpress.org/changeset/2817824/woo-wallet/trunk?contextall=1&old=2816610&old_path=%2Fwoo-wallet%2Ftrunk
Patch
Third Party Advisory
https://www.wordfence.com/vulnerability-advisories-continued/#CVE-2022-3995
Third Party Advisory
https://plugins.trac.wordpress.org/changeset/2817824/woo-wallet/trunk?contextall=1&old=2816610&old_path=%2Fwoo-wallet%2Ftrunk
Patch
Third Party Advisory
https://www.wordfence.com/vulnerability-advisories-continued/#CVE-2022-3995
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:standalonetech:terawallet:*:*:*:*:*:wordpress:*:*

Версия до 1.4.3 (включая)

EPSS

Процентиль: 30%

0.00111

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-639

Связанные уязвимости

GHSA-2p29-98c8-mc4x