Privilege Escalation Vulnerability in PayU CommercePro Plugin for WordPress
CVE-2024-12264

9.8CRITICAL

Key Information:

Vendor
Wordpress
Status
Payu Commercepro Plugin
Vendor
CVE Published:
7 January 2025

Summary

The PayU CommercePro Plugin for WordPress is susceptible to a privilege escalation vulnerability due to improper identity verification in its REST API endpoints. Specifically, the /wp-json/payu/v1/generate-user-token and /wp-json/payu/v1/get-shipping-cost endpoints lack adequate checks, allowing unauthenticated attackers to manipulate the user ID and authentication cookies. This flaw enables them to gain unauthorized administrative access by creating new admin accounts, compromising the security of WordPress installations using this plugin.

Affected Version(s)

PayU CommercePro Plugin * <= 3.8.3

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...
https://plugins.trac.wordpress.org/browser/payu-india/tag...

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

wesley
.