Critical Vulnerability in WordPress Plugin (CVE-2024-11281)

Published On: Dec 30, 2024 12:06

Advisory No: TZCERT-SA-24-0049

Source: Wordfence

Software Affected: woo-point-of-sale

Overview

The WordPress plugin woo-point-of-sale is affected by a critical vulnerability. Exploitation of this vulnerability may allow an unauthenticated attacker to execute arbitrary code.

Description

The WordPress plugin woo-point-of-sale is affected by the vulnerability tracked as CVE-2024-11281, with a CVSS score of 9.8. The plugin is vulnerable due to insufficient validation of the 'logged_in_user_id' value when option values are empty, which allows attackers to change the email address of arbitrary user accounts, including administrators, and then reset their password to gain access to the account.
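The weakness described above belongs to a well-known class: a client-supplied user ID is trusted whenever a stored option is empty, and the email address is updated without checking who is making the request. The snippet below is an added illustration of that class and its hardened form, not the woo-point-of-sale plugin's code; the function names, the option name 'example_pos_user_map' and the request field 'user_email' are hypothetical, while the WordPress API calls (get_option, wp_update_user, get_current_user_id, current_user_can, check_admin_referer, profile_update) are real.

```php
<?php
// Added illustration of the vulnerability class (not the plugin's own code).
// Hypothetical names: example_pos_*, option 'example_pos_user_map', field 'user_email'.

// Vulnerable pattern: when the option is empty, the user id comes straight from
// the request, and no authentication, nonce or capability check is performed
// before the account's email address is overwritten.
function example_pos_update_email_vulnerable() {
    $mapped  = get_option( 'example_pos_user_map', '' );
    $user_id = ! empty( $mapped )
        ? (int) $mapped
        : (int) $_REQUEST['logged_in_user_id']; // client-controlled when the option is empty

    wp_update_user( array(
        'ID'         => $user_id,
        'user_email' => $_REQUEST['user_email'],
    ) );
}

// Hardened pattern: require a logged-in session, verify a nonce, take the user
// id from the session rather than the client, require the edit_user capability
// for that id, and validate the new address before updating.
function example_pos_update_email_hardened() {
    if ( ! is_user_logged_in() ) {
        wp_die( 'Authentication required', '', array( 'response' => 401 ) );
    }
    check_admin_referer( 'example_pos_update_email' ); // dies on a missing/invalid nonce

    $user_id = get_current_user_id(); // never trust an id supplied by the client

    if ( ! current_user_can( 'edit_user', $user_id ) ) {
        wp_die( 'Insufficient permissions', '', array( 'response' => 403 ) );
    }

    $email = isset( $_POST['user_email'] )
        ? sanitize_email( wp_unslash( $_POST['user_email'] ) )
        : '';
    if ( ! is_email( $email ) ) {
        wp_die( 'Invalid email address', '', array( 'response' => 400 ) );
    }

    $result = wp_update_user( array(
        'ID'         => $user_id,
        'user_email' => $email,
    ) );
    if ( is_wp_error( $result ) ) {
        wp_die( esc_html( $result->get_error_message() ), '', array( 'response' => 500 ) );
    }
}

// Defender-side audit: record every email change with the acting user and
// source address, so an unexpected change on an administrator account stands
// out in the log regardless of which code path performed it.
add_action( 'profile_update', function ( $user_id, $old_user_data ) {
    $new = get_userdata( $user_id );
    if ( ! $new || ! $old_user_data ) {
        return;
    }
    if ( $new->user_email !== $old_user_data->user_email ) {
        error_log( sprintf(
            'user email changed: id=%d old=%s new=%s actor=%d ip=%s',
            $user_id,
            $old_user_data->user_email,
            $new->user_email,
            get_current_user_id(),
            isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : 'unknown'
        ) );
    }
}, 10, 2 );
```

The audit hook is the piece most useful while a site is still waiting for the vendor update: an email change on an administrator account logged with actor 0 (no authenticated user) is exactly the event this advisory warns about.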

Impact

Successful exploitation of these vulnerabilities may allow attackers to gain elevated privileges on the affected system.

Solution

WordPress has released a security patch for this vulnerability. Users and administrators are encouraged to apply the necessary updates.
