CVE-2023-50899
Description
Missing Authorization vulnerability in MultiVendorX Product Catalog Enquiry for WooCommerce by MultiVendorX allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Product Catalog Enquiry for WooCommerce by MultiVendorX: from n/a through 5.0.2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Missing authorization in Product Catalog Enquiry for WooCommerce ≤5.0.2 lets unauthenticated attackers exploit incorrectly configured access controls.
Vulnerability Overview
The Product Catalog Enquiry for WooCommerce plugin by MultiVendorX, versions up to and including 5.0.2, suffers from a Missing Authorization vulnerability [1]. The plugin does not properly enforce access control checks in certain functions, allowing unauthorized users to execute actions reserved for higher-privileged roles. This flaw falls under the category of broken access control, a common issue in WordPress plugins where nonce or capability checks are omitted [1].
Exploitation Method
An attacker can exploit this vulnerability without authentication. By sending crafted requests to the WordPress site, an unauthenticated user can trigger privileged actions due to the missing authorization checks [1]. Per the supplied reference, the CVSS score of 5.4 (Medium) reflects the ease of exploitation and the absence of any privilege requirement, offset by limited impact on confidentiality and integrity.
Impact
Successful exploitation allows an unauthenticated attacker to perform actions that should require higher-level permissions, potentially leading to unauthorized data access or configuration changes [1]. The reference notes that such vulnerabilities are often used in mass-exploit campaigns targeting thousands of sites.
Mitigation
The plugin vendor has released version 5.0.3, which patches the issue [1]. Updating to the latest version immediately is strongly recommended. For sites unable to update, temporary mitigations include restricting access to the plugin's functionality via web application firewall rules or contacting the hosting provider for assistance. The advisory rates the likelihood of exploitation as low, but given the lack of authentication requirements, updating remains critical.
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: <=5.0.2
Patches
No patches discovered yet.
References