Integrate Dynamics 365 CRM WordPress Plugin Unauthorized Access Vulnerability

Vulnerability

A vulnerability allowing unauthorized access has been identified in the Integrate Dynamics 365 CRM plugin for WordPress, affecting all versions through 1.0.9. The issue arises from inadequate capability checks and nonce verification on functions linked to the 'init' action. This flaw enables unauthenticated attackers to deactivate the plugin, manipulate OAuth settings, and initiate test connections that could reveal sensitive information by sending crafted requests to exposed endpoints.
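The pattern behind this class of bug, shown as an added illustration rather than the plugin's own code: a handler attached to WordPress's 'init' hook runs on every request, including unauthenticated ones, so anything it does on the strength of a request parameter alone is reachable by anyone. The hardened form below requires both a capability check (the authorization decision) and a nonce bound to the specific operation (CSRF protection). Function names, the 'deactivate' and 'save_oauth' values, and the option key are hypothetical; only the 'init' hook and the 'option' parameter mirror the advisory.

```php
<?php
// Added illustration of the missing-check pattern; not code from the
// Integrate Dynamics 365 CRM plugin. All names below are hypothetical.

// Vulnerable pattern: state-changing work keyed only on a request parameter.
// 'init' fires for anonymous visitors too, so no login is needed to reach it.
function myplugin_handle_option_vulnerable() {
    if ( ! isset( $_REQUEST['option'] ) ) {
        return;
    }
    switch ( $_REQUEST['option'] ) {
        case 'deactivate':
            // Anyone who can send the request can switch the plugin off.
            deactivate_plugins( plugin_basename( __FILE__ ) );
            break;
        case 'save_oauth':
            // Anyone can overwrite the stored OAuth client configuration.
            update_option( 'myplugin_oauth_client_id', $_POST['client_id'] ?? '' );
            break;
    }
}
add_action( 'init', 'myplugin_handle_option_vulnerable' );

// Hardened pattern: authorize first, then verify a per-operation nonce,
// then act. The capability check is what stops unauthenticated and
// low-privilege callers; the nonce only stops cross-site request forgery
// against an already-authorized administrator.
function myplugin_handle_option_hardened() {
    if ( ! isset( $_REQUEST['option'] ) ) {
        return;
    }
    // Authorization: require an administrator-level capability.
    if ( ! current_user_can( 'manage_options' ) ) {
        return;
    }
    $option = sanitize_key( wp_unslash( $_REQUEST['option'] ) );
    $nonce  = isset( $_REQUEST['_wpnonce'] )
        ? sanitize_text_field( wp_unslash( $_REQUEST['_wpnonce'] ) )
        : '';
    // The nonce action includes the operation name, so a nonce issued for
    // one operation cannot be replayed against a different one.
    if ( ! wp_verify_nonce( $nonce, 'myplugin_' . $option ) ) {
        wp_die( 'Invalid request.', 'Forbidden', array( 'response' => 403 ) );
    }
    switch ( $option ) {
        case 'deactivate':
            deactivate_plugins( plugin_basename( __FILE__ ) );
            break;
        case 'save_oauth':
            update_option(
                'myplugin_oauth_client_id',
                sanitize_text_field( wp_unslash( $_POST['client_id'] ?? '' ) )
            );
            break;
    }
}
add_action( 'init', 'myplugin_handle_option_hardened' );
```

The order matters: `current_user_can()` is the check that closes the unauthenticated path the advisory describes, and a nonce check on its own would not, because nonces are a CSRF defence, not an access-control mechanism. Moving such handlers off 'init' onto `admin_post_{action}` hooks, which only run for logged-in users on `admin-post.php`, further narrows what an anonymous request can reach.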

Impact

Exploitation of this vulnerability allows unauthenticated users to deactivate the plugin, alter OAuth configurations, and access sensitive data through vulnerable endpoints by sending specially crafted requests.

Reproduction

The vulnerability can be reproduced by sending a request to the WordPress site with the 'option' parameter set to one of the following values: 'testdcrmapp', 'testdcrmautomaticapp', 'dcrm_automatic_app_status', 'mo_dcrm_contact_us_query_option', or 'mo_dcrm_feedback'. The request must also include a valid nonce for the corresponding action, except when using 'mo_dcrm_feedback', which requires a different nonce verification process.
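For teams checking whether a site was probed before the update was applied, the following is an added example (not part of the advisory) that scans web-server access log lines for requests carrying the 'option' values listed above. The log lines are constructed for the example; the option values are the ones the advisory names. It only sees parameters sent in the query string, which is a real limitation: values submitted in a POST body do not appear in a standard access log and need application or WAF logging to detect.

```php
<?php
// Added detection example; not from the advisory or the plugin.
// Log lines are constructed; the option values come from the advisory.

$dcrm_option_watch_list = array(
    'testdcrmapp',
    'testdcrmautomaticapp',
    'dcrm_automatic_app_status',
    'mo_dcrm_contact_us_query_option',
    'mo_dcrm_feedback',
);

/**
 * Return the log entries whose query string sets 'option' to a watched value.
 * Each hit records client IP, HTTP method, request path and the option seen.
 * Because 'init' handlers run on any WordPress URL, the path is not filtered.
 */
function find_dcrm_option_requests( array $log_lines, array $watch_list ) {
    $hits = array();
    foreach ( $log_lines as $line ) {
        // Combined log format: ip ident user [time] "METHOD target HTTP/x.y" ...
        if ( ! preg_match( '/^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*"/', $line, $m ) ) {
            continue;
        }
        $query = parse_url( $m[3], PHP_URL_QUERY );
        if ( $query === null || $query === false ) {
            continue; // no query string at all
        }
        parse_str( $query, $params );
        if ( isset( $params['option'] ) && in_array( $params['option'], $watch_list, true ) ) {
            $hits[] = array(
                'ip'     => $m[1],
                'method' => $m[2],
                'path'   => parse_url( $m[3], PHP_URL_PATH ),
                'option' => $params['option'],
            );
        }
    }
    return $hits;
}

// Constructed sample lines: two probes, one ordinary page view, one harmless
// unrelated 'option' value.
$sample_log = array(
    '203.0.113.7 - - [04/Oct/2025:03:10:01 +0000] "GET /?option=dcrm_automatic_app_status HTTP/1.1" 200 512 "-" "curl/8.0"',
    '203.0.113.7 - - [04/Oct/2025:03:10:02 +0000] "GET /wp-login.php?option=testdcrmapp&_wpnonce=abc HTTP/1.1" 200 2048 "-" "curl/8.0"',
    '198.51.100.4 - - [04/Oct/2025:03:11:00 +0000] "GET /about/ HTTP/1.1" 200 8192 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [04/Oct/2025:03:11:05 +0000] "GET /?option=unrelated HTTP/1.1" 200 100 "-" "Mozilla/5.0"',
);

foreach ( find_dcrm_option_requests( $sample_log, $dcrm_option_watch_list ) as $hit ) {
    printf( "%s %s %s option=%s\n", $hit['ip'], $hit['method'], $hit['path'], $hit['option'] );
}
```

Run against the sample above, only the two 203.0.113.7 lines are reported. A repeated sequence of these option values from one client, especially against a site still on 1.0.9 or earlier, is the signal worth following up with a review of the plugin's OAuth settings and activation state.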

Remediation

Users are advised to update the Integrate Dynamics 365 CRM plugin to version 1.1.0 or later.

Added: Oct 4, 2025, 3:25 AM
Updated: Oct 4, 2025, 3:25 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 5.6
exploitability: 7.2
remediation: 7.7
relevance: 0.7
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.