Eyewear Prescription Form WordPress Plugin Missing Authorization Vulnerability Allowing Unauthenticated Deletion of WooCommerce Categories

Vulnerability

A vulnerability exists in the Eyewear Prescription Form plugin for WordPress, in all versions up to and including 6.0.1. The issue is a missing authorization flaw that allows unauthenticated users to delete arbitrary WooCommerce product categories, along with their child categories. The root cause is the absence of a capability check on the RemoveItems AJAX action: the category IDs supplied in the 'catIds' parameter are deleted without verifying that the caller is permitted to do so.

Impact

Exploitation of this vulnerability allows for the unauthorized deletion of WooCommerce product categories and their child categories.

Reproduction

To reproduce this vulnerability, send a request to the WordPress site's admin-ajax.php file, targeting the RemoveItems action. Include a 'catIds' parameter with the IDs of the WooCommerce product categories to be deleted. The absence of authorization checks will allow the request to be processed, resulting in the deletion of the specified categories and their children.
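The following is an added example, not code from the Eyewear Prescription Form plugin or from this advisory, showing how a WordPress AJAX handler that deletes WooCommerce product categories should be guarded against the flaw described above. The handler name eyewear_remove_items_handler and the nonce action 'eyewear_remove_items' are assumptions; the plugin's real function and nonce names are not on this page. The WordPress and WooCommerce API calls used (add_action, check_ajax_referer, current_user_can, wp_delete_term, get_term_children, wp_send_json_*) and the delete_product_terms capability that WooCommerce maps to deleting product_cat terms are real.

```php
<?php
// Added example (not the plugin's code): a RemoveItems AJAX handler with the
// checks whose absence causes the advisory's missing-authorization flaw.
// eyewear_remove_items_handler and the nonce action 'eyewear_remove_items'
// are assumed names.

// Register for logged-in users only. Deliberately NOT registering the
// 'wp_ajax_nopriv_RemoveItems' hook means admin-ajax.php never invokes this
// handler for unauthenticated requests.
add_action( 'wp_ajax_RemoveItems', 'eyewear_remove_items_handler' );

function eyewear_remove_items_handler() {
    // 1. CSRF check: the request must carry a nonce issued for this action
    //    (created server-side with wp_create_nonce( 'eyewear_remove_items' )).
    check_ajax_referer( 'eyewear_remove_items', 'nonce' );

    // 2. Authorization check: WooCommerce registers product_cat with
    //    'delete_terms' => 'delete_product_terms' (Shop Managers and Admins).
    if ( ! current_user_can( 'delete_product_terms' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient permissions.' ), 403 );
    }

    // 3. Input validation: accept only a list of positive integer term IDs.
    $raw_ids = isset( $_POST['catIds'] ) ? (array) wp_unslash( $_POST['catIds'] ) : array();
    $cat_ids = array_filter( array_map( 'absint', $raw_ids ) );
    if ( empty( $cat_ids ) ) {
        wp_send_json_error( array( 'message' => 'No category IDs supplied.' ), 400 );
    }

    $deleted = array();
    foreach ( $cat_ids as $cat_id ) {
        // Only operate on terms that exist in the product_cat taxonomy.
        if ( ! term_exists( $cat_id, 'product_cat' ) ) {
            continue;
        }

        // Delete descendants first: wp_delete_term() on a parent would
        // otherwise re-parent its children rather than remove them.
        $children = get_term_children( $cat_id, 'product_cat' );
        if ( is_wp_error( $children ) ) {
            $children = array();
        }
        foreach ( $children as $child_id ) {
            if ( ! is_wp_error( wp_delete_term( $child_id, 'product_cat' ) ) ) {
                $deleted[] = (int) $child_id;
            }
        }

        if ( ! is_wp_error( wp_delete_term( $cat_id, 'product_cat' ) ) ) {
            $deleted[] = (int) $cat_id;
        }
    }

    wp_send_json_success( array( 'deleted' => $deleted ) );
}
```

When auditing a plugin for this class of bug, the two things to look for are a wp_ajax_nopriv_ registration for an action that changes state, and an AJAX callback that calls wp_delete_term() (or similar) without a preceding current_user_can() and nonce check. The nonce must be handed to the front-end script (for example via wp_localize_script) and sent back as the 'nonce' field; check_ajax_referer() terminates the request with a 403 if it is missing or invalid.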

Added: Dec 13, 2025, 5:08 PM
Updated: Dec 13, 2025, 5:08 PM

Vulnerability Rating

Custom Algorithm

spread          0.0
impact          2.5
exploitability  8.4
remediation     0.0
relevance       1.4
threat          4.8
urgency         2.9
incentive       5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.