Product Filter for WooCommerce by WBW Missing Authorization Vulnerability Allowing Unauthenticated Data Deletion

Vulnerability

A vulnerability exists in the Product Filter for WooCommerce by WBW plugin for WordPress, in all versions through 3.1.2. The issue stems from a missing capability check, which allows unauthorized users to delete filter data. The plugin's MVC framework registers unauthenticated AJAX handlers without verifying user capabilities. This vulnerability enables unauthenticated attackers to truncate the 'wp_wpf_filters' database table, permanently deleting all filter configurations.

Impact

Exploitation of this vulnerability leads to unauthorized deletion of filter data, causing potential disruption in product filtering functionality on the affected WooCommerce store.

Reproduction

The vulnerability can be reproduced by sending an AJAX request to the WordPress site with the 'action' parameter set to 'delete'. This request can be made without authentication, allowing for the deletion of all entries in the 'wp_wpf_filters' database table.

Remediation

Users are advised to update the Product Filter for WooCommerce by WBW plugin to version 3.1.3 or later.

Added: Mar 24, 2026, 5:23 AM
Updated: Mar 24, 2026, 5:23 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 0.6
exploitability: 8.4
remediation: 0.0
relevance: 4.6
threat: 4.8
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.