脆弱性情報
高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
Colissimo Officiel : Méthodes de livraison pour WooCommerce <= 2.9.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Order Shipment Modification via lpc_order_affect AJAX action
脆弱性説明
The Colissimo Officiel : Méthodes de livraison pour WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the updateShippingMethod() function (registered to the wp_ajax_lpc_order_affect AJAX action) in versions up to, and including, 2.9.0. This is due to the handler performing no current_user_can() capability check and no nonce verification before reading an attacker-supplied order_id and modifying that order's shipping method, pickup-point meta, and shipping address. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create or modify the shipment information (shipping method, pickup relay data, and shipping address) of arbitrary WooCommerce orders, including orders placed by other users.
CVSS情報
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
脆弱性タイプ
授权机制缺失
脆弱性タイトル
WordPress Colissimo shipping methods for WooCommerce 授权问题漏洞
脆弱性説明
WordPress Colissimo shipping methods for WooCommerce是WordPress基金会的一款为WooCommerce提供法国Colissimo物流配送方式集成与运费计算的配送插件。 WordPress Colissimo shipping methods for WooCommerce 2.9.0及之前版本存在授权问题漏洞,该漏洞源于updateShippingMethod()函数缺少权限检查,可能导致已通过身份验证的攻击者(具有订阅者级别及以上权限)修改任意W
CVSS情報
N/A
脆弱性タイプ
N/A