I. Basic information on vulnerability CVE-2024-13692
Vulnerability title
WooCommerce <= 4.4.5 plugin contains an Insecure Direct Object Reference vulnerability
Source: AIGC Shenlong large model
Vulnerability description
The WordPress plugin Return Refund and Exchange For WooCommerce – Return Management System, RMA Exchange, Wallet And Cancel Order Features contains an Insecure Direct Object Reference vulnerability in all versions up to and including 4.4.5. Because a user-controllable key is not validated, unauthenticated attackers can overwrite linked refund image attachments, overwrite refund request messages, overwrite order messages, and read other users' order messages.
Source: AIGC Shenlong large model
CVSS information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Source: AIGC Shenlong large model
Vulnerability category
Authorization bypass through user-controlled key
Source: AIGC Shenlong large model
Vulnerability title
Return Refund and Exchange For WooCommerce <= 4.4.5 - Authenticated (Subscriber+) Insecure Direct Object Reference
Source: US National Vulnerability Database (NVD)
Vulnerability description
The Return Refund and Exchange For WooCommerce – Return Management System, RMA Exchange, Wallet And Cancel Order Features plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.4.5 via several functions due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to overwrite linked refund image attachments, overwrite refund request message, overwrite order messages, and read order messages of other users.
Source: US National Vulnerability Database (NVD)
CVSS information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Source: US National Vulnerability Database (NVD)
Vulnerability category
Improper authorization
Source: US National Vulnerability Database (NVD)
II. Public POCs for vulnerability CVE-2024-13692
(Table columns: POC, Description, Source link, Shenlong link. No entries are listed.)
III. Intelligence on vulnerability CVE-2024-13692
  • Title: Return Refund and Exchange For WooCommerce <= 4.4.5 - Authenticated (Subscriber+) Insecure Direct Object Reference
  • Title: class-woo-refund-and-exchange-lite-common.php in woo-refund-and-exchange-lite/trunk/common – WordPress Plugin Repository
  • Title: class-woo-refund-and-exchange-lite-public.php in woo-refund-and-exchange-lite/trunk/public – WordPress Plugin Repository
  • Title: Changeset 3236486 – WordPress Plugin Repository
  • https://nvd.nist.gov/vuln/detail/CVE-2024-13692