Ultimate Product Catalog < 5.0.26 - Subscriber+ Arbitrary Product Creation & Settings Update
CVE-2021-24993

6.5MEDIUM

Key Information:

Vendor: Wordpress
Status: Ultimate Product Catalog – WordPress Catalog Plugin
Vendor: CVE Published:; 7 February 2022

Summary

The Ultimate Product Catalog WordPress plugin before 5.0.26 does not have authorisation and CSRF checks in some AJAX actions, which could allow any authenticated users, such as subscriber to call them and add arbitrary products, or change the plugin's settings for example

Affected Version(s)

Ultimate Product Catalog – WordPress Catalog Plugin 5.0.26

References

https://wpscan.com/vulnerability/514416fa-d915-4953-bf1b-...

x_refsource_MISC

https://plugins.trac.wordpress.org/changeset/2650578

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 7, 2022
Vulnerability Reserved
Jan 14, 2021

Credit

Krzysztof Zając