Privilege Escalation Vulnerability in WP-Recall Plugin Could Lead to Account Takeover

CVE-2024-8292

9.8CRITICAL

Key Information

Vendor: WPpost
Status: WP-recall – Registration, Profile, Commerce & More
Vendor: CVE Published:; 6 September 2024

Summary

The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to privilege escalation/account takeover in all versions up to, and including, 16.26.8. This is due to to plugin not properly verifying a user's identity during new order creation. This makes it possible for unauthenticated attackers to supply any email through the user_email field and update the password for that user during new order creation. This requires the commerce addon to be enabled in order to exploit.

Affected Version(s)

WP-Recall – Registration, Profile, Commerce & More <= 16.26.8

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Sep 6, 2024
Disclosed
Sep 5, 2024
Vulnerability Reserved.
Aug 28, 2024

Collectors

NVD DatabaseMitre Database

Credit

wesley