CVE-2024-0626 - Vulnerability Details - OpenCVE

The WooCommerce Clover Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the callback_handler function in all versions up to, and including, 1.3.1. This makes it possible for unauthenticated attackers to mark orders as paid.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Woocommerce	Woocommerce

No data.

No data.

References

Link	Providers
https://plugins.trac.wordpress.org/browser/woo-clover-gateway-by-zaytech/trunk/zaytech-woo-commerce-clover-integration.php?rev=2998654#L218
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3055678%40woo-clover-gateway-by-zaytech%2Ftrunk&old=2998658%40woo-clover-gateway-by-zaytech%2Ftrunk&sfp_email=&sfph_mail=#file3
https://www.wordfence.com/threat-intel/vulnerabilities/id/57aacffa-0f49-4a33-ae40-d1c151363284?source=cve

History

No history.

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2024-04-09T18:58:50.178Z

Updated: 2024-08-01T20:01:07.389Z

Reserved: 2024-01-16T19:43:35.724Z

Link: CVE-2024-0626

Vulnrichment

Updated: 2024-08-01T18:11:35.690Z

NVD

Status : Awaiting Analysis

Published: 2024-04-09T19:15:14.723

Modified: 2024-11-21T08:47:01.817

Link: CVE-2024-0626

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-0626", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2024-01-16T19:43:35.724Z", "datePublished": "2024-04-09T18:58:50.178Z", "dateUpdated": "2024-08-01T20:01:07.389Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-04-09T18:58:50.178Z"}, "affected": [{"vendor": "elbanyaoui", "product": "WooCommerce Clover Payment Gateway", "versions": [{"version": "*", "status": "affected", "lessThanOrEqual": "1.3.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The WooCommerce Clover Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the callback_handler function in all versions up to, and including, 1.3.1. This makes it possible for unauthenticated attackers to mark orders as paid."}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/57aacffa-0f49-4a33-ae40-d1c151363284?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/woo-clover-gateway-by-zaytech/trunk/zaytech-woo-commerce-clover-integration.php?rev=2998654#L218"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3055678%40woo-clover-gateway-by-zaytech%2Ftrunk&old=2998658%40woo-clover-gateway-by-zaytech%2Ftrunk&sfp_email=&sfph_mail=#file3"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-284 Improper Access Control"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Francesco Carlucci"}], "timeline": [{"time": "2024-03-22T00:00:00.000+00:00", "lang": "en", "value": "Disclosed"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:11:35.690Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/57aacffa-0f49-4a33-ae40-d1c151363284?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/woo-clover-gateway-by-zaytech/trunk/zaytech-woo-commerce-clover-integration.php?rev=2998654#L218", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3055678%40woo-clover-gateway-by-zaytech%2Ftrunk&old=2998658%40woo-clover-gateway-by-zaytech%2Ftrunk&sfp_email=&sfph_mail=#file3", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "zaytech", "product": "woocommerce_clover_payment_gateway", "cpes": ["cpe:2.3:a:zaytech:woocommerce_clover_payment_gateway:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.3.1", "versionType": "semver"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-30T19:29:13.688380Z", "id": "CVE-2024-0626", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-01T20:01:07.389Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/57aacffa-0f49-4a33-ae40-d1c151363284?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/woo-clover-gateway-by-zaytech/trunk/zaytech-woo-commerce-clover-integration.php?rev=2998654#L218", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3055678%40woo-clover-gateway-by-zaytech%2Ftrunk&old=2998658%40woo-clover-gateway-by-zaytech%2Ftrunk&sfp_email=&sfph_mail=#file3", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:11:35.690Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-0626", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-30T19:29:13.688380Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:zaytech:woocommerce_clover_payment_gateway:*:*:*:*:*:*:*:*"], "vendor": "zaytech", "product": "woocommerce_clover_payment_gateway", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.3.1"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-01T20:01:02.105Z"}}], "cna": {"credits": [{"lang": "en", "type": "finder", "value": "Francesco Carlucci"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "elbanyaoui", "product": "WooCommerce Clover Payment Gateway", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "1.3.1"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2024-03-22T00:00:00.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/57aacffa-0f49-4a33-ae40-d1c151363284?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/woo-clover-gateway-by-zaytech/trunk/zaytech-woo-commerce-clover-integration.php?rev=2998654#L218"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3055678%40woo-clover-gateway-by-zaytech%2Ftrunk&old=2998658%40woo-clover-gateway-by-zaytech%2Ftrunk&sfp_email=&sfph_mail=#file3"}], "descriptions": [{"lang": "en", "value": "The WooCommerce Clover Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the callback_handler function in all versions up to, and including, 1.3.1. This makes it possible for unauthenticated attackers to mark orders as paid."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-284 Improper Access Control"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-04-09T18:58:50.178Z"}}}, "cveMetadata": {"cveId": "CVE-2024-0626", "state": "PUBLISHED", "dateUpdated": "2024-08-01T20:01:07.389Z", "dateReserved": "2024-01-16T19:43:35.724Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2024-04-09T18:58:50.178Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "The WooCommerce Clover Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the callback_handler function in all versions up to, and including, 1.3.1. This makes it possible for unauthenticated attackers to mark orders as paid."}, {"lang": "es", "value": "El complemento WooCommerce Clover Payment Gateway para WordPress es vulnerable a modificaciones no autorizadas de datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n callback_handler en todas las versiones hasta la 1.3.1 incluida. Esto hace posible que atacantes no autenticados marquen los pedidos como pagados."}], "id": "CVE-2024-0626", "lastModified": "2024-11-21T08:47:01.817", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2024-04-09T19:15:14.723", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/woo-clover-gateway-by-zaytech/trunk/zaytech-woo-commerce-clover-integration.php?rev=2998654#L218"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3055678%40woo-clover-gateway-by-zaytech%2Ftrunk&old=2998658%40woo-clover-gateway-by-zaytech%2Ftrunk&sfp_email=&sfph_mail=#file3"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/57aacffa-0f49-4a33-ae40-d1c151363284?source=cve"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://plugins.trac.wordpress.org/browser/woo-clover-gateway-by-zaytech/trunk/zaytech-woo-commerce-clover-integration.php?rev=2998654#L218"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3055678%40woo-clover-gateway-by-zaytech%2Ftrunk&old=2998658%40woo-clover-gateway-by-zaytech%2Ftrunk&sfp_email=&sfph_mail=#file3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/57aacffa-0f49-4a33-ae40-d1c151363284?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Awaiting Analysis"}