CVE-2023-2732: Diff [2915729:2916124] for mstore-api – WordPress Plugin Repository

The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.2. This is due to insufficient verification on the user being supplied during the add listing REST API request through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the user id.
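The defect described above is a REST route whose permission check always passes and whose handler takes the acting user's identity from a request parameter. The following is an added example, not code from the mstore-api plugin, showing how a listing endpoint should establish identity instead: the route name, the `listing` post type and the `edit_posts` capability are assumptions chosen for illustration.

```php
<?php
// Added example (not from mstore-api): identity comes from the authenticated
// REST session, never from a request parameter, and the permission callback
// actually gates the request instead of returning true.
add_action('rest_api_init', function () {
    register_rest_route('mstore-example/v1', '/listing', array(
        // POST, not GET: this request changes server-side state.
        'methods'             => WP_REST_Server::CREATABLE,
        'callback'            => 'mstore_example_add_listing',
        // Cookie auth in the REST API only counts as logged-in when the request
        // carries a valid X-WP-Nonce, so this also rejects cross-site requests.
        'permission_callback' => function (WP_REST_Request $request) {
            if (!is_user_logged_in()) {
                return new WP_Error('rest_not_logged_in', 'Authentication required.',
                                    array('status' => 401));
            }
            if (!current_user_can('edit_posts')) {   // assumed capability
                return new WP_Error('rest_forbidden', 'Insufficient capability.',
                                    array('status' => 403));
            }
            return true;
        },
        'args' => array(
            'title'    => array('required' => true, 'type' => 'string',
                                'sanitize_callback' => 'sanitize_text_field'),
            'redirect' => array('type' => 'string', 'format' => 'uri'),
        ),
    ));
});

function mstore_example_add_listing(WP_REST_Request $request) {
    // The acting user is whoever WordPress authenticated for this request.
    $author_id = get_current_user_id();
    $post_id = wp_insert_post(array(
        'post_type'   => 'listing',           // hypothetical post type
        'post_title'  => $request->get_param('title'),
        'post_status' => 'pending',
        'post_author' => $author_id,
    ), true);
    if (is_wp_error($post_id)) {
        return $post_id;
    }
    // Only allow same-site redirect targets; anything else falls back to home.
    $redirect = $request->get_param('redirect');
    $redirect = $redirect ? wp_validate_redirect($redirect, home_url('/')) : home_url('/');
    return rest_ensure_response(array(
        'id' => $post_id, 'author' => $author_id, 'redirect' => $redirect,
    ));
}
```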


mstore-api/trunk/controllers/listing-rest-api/class.api.fields.php

r2915729

r2916124

381

381

            }

382

382

    ));

383

384

    register\_rest\_route('wp/v2', '/add-listing', array(

385

        'methods' => 'GET',

386

        'callback' => array(

387

            $this,

388

            'add\_listing'

389

        ) ,

390

        'permission\_callback' => function () {

391

            return true;

392

        }

393

    ));

394

383

395

384

    register\_rest\_route('wp/v2', '/get-nearby-listings', array(
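Review bot: Deleting the `/add-listing` route registration is the right remediation, because its `'permission_callback' => function () { return true; }` let any unauthenticated caller reach the handler and `'methods' => 'GET'` meant a plain browser navigation could trigger a login-state change; while here, check that no other route in this file still uses an unconditional `return true` for anything other than read-only public data, since the `/get-nearby-listings` registration that follows is cut off in this hunk and its callback is not visible.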

1072

1061

        $user = get\_userdata($object\['author'\]);

1073

1062

        return $user->display\_name;

1074

    }

1075

1076

    //-----------------//

1077

1078

1079

    public function add\_listing($request)

1080

    {

1081

        $id = $request\['id'\];

1082

        wp\_clear\_auth\_cookie();

1083

        wp\_set\_current\_user($id);

1084

        wp\_set\_auth\_cookie($id, true);

1085

        header("Location: " . $request\['url'\]);

1086

        die();

1087

1063

    }

1088

1064
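Review bot: The removed handler took identity from the request itself, with `$id = $request['id'];` flowing straight into `wp_set_current_user($id);` and `wp_set_auth_cookie($id, true);` with no nonce, capability or ownership check, and `header("Location: " . $request['url']);` redirecting to an unvalidated URL; removing it closes both problems, but note that the diff aligns the old `}` at 1074 as removed and the old 1087 `}` as context, so confirm the file still parses and that nothing else references `add_listing`. Also worth stating in the release notes: removing the code does not expire the long-lived cookies already issued through `wp_set_auth_cookie($id, true)`, so administrators of affected sites should force users to re-authenticate.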

mstore-api/trunk/mstore-api.php

r2915729

r2916124

4

4

* Plugin URI: https://github.com/inspireui/mstore-api

5

5

* Description: The MStore API Plugin which is used for the MStore and FluxStore Mobile App

6

* Version: 3.9.2

6

* Version: 3.9.3

7

7

* Author: InspireUI

8

8

* Author URI: https://inspireui.com

41

41

class MstoreCheckOut

42

42

{

43

public $version = '3.9.2';

43

public $version = '3.9.3';

44

44

45

45

public function \_\_construct()

mstore-api/trunk/readme.txt

r2915729

r2916124

4

4

Requires at least: 4.4

5

5

Tested up to: 6.0.0

6

Stable tag: 3.9.2

6

Stable tag: 3.9.3

7

7

License: GPL-2.0

8

8

License URI: https://www.gnu.org/licenses/gpl-2.0.html

44

44

45

45

== Changelog ==

46

= 3.9.3 =

47

* Fix security issue for listing api

48

46

49

= 3.9.2 =

47

50

* Fix security issue for cart api
