Classified Listing WordPress Plugin Unauthorized Access Vulnerability

Vulnerability

A vulnerability allowing unauthorized access has been identified in the Classified Listing WordPress plugin, affecting all versions up to and including 5.3.10. The issue arises because the plugin fails to properly verify user authorization for certain actions. This flaw enables authenticated attackers with subscriber-level access or higher to add arbitrary notes to any order. Additionally, it can trigger unsolicited notification and moderation emails to listing owners, all without requiring administrative permission.

Impact

Exploitation of this vulnerability allows for unauthorized modification of order notes, which can disrupt the intended functionality of the application. Furthermore, it can cause unnecessary email notifications to be sent to listing owners, potentially leading to confusion or disruption of service.

Reproduction

To reproduce this vulnerability, an authenticated user with subscriber-level access or higher sends a request to the WordPress site that includes the order ID and the note to be added. The request gets past the authorization checks that are supposed to prevent unauthorized users from modifying order notes, because the plugin fails to properly verify user permissions before allowing such actions.

Remediation

Users are advised to update the Classified Listing WordPress plugin to the latest version, 5.4.0, which addresses this vulnerability.
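
For developers reviewing their own plugins for the same class of bug, the following added example shows a handler that performs the checks this advisory describes as missing. It is not the Classified Listing plugin's code: the action name, nonce name, post type `example_order` and the storage of notes as comments are all assumptions made for illustration.

```php
<?php
// Added example: hypothetical handler, not the Classified Listing plugin's code.
// Assumptions: orders are posts of the invented type 'example_order', notes are
// stored as comments, and the action and nonce names are made up.

// wp_ajax_* hooks fire for ANY logged-in user, subscribers included, so the
// handler itself has to decide who may act on which order.
add_action( 'wp_ajax_example_add_order_note', 'example_add_order_note' );

function example_add_order_note() {
	// 1. Reject requests without a valid nonce for this action (CSRF check).
	//    check_ajax_referer() terminates the request on failure.
	check_ajax_referer( 'example_add_order_note', 'nonce' );

	$order_id = isset( $_POST['order_id'] ) ? absint( $_POST['order_id'] ) : 0;
	$note     = isset( $_POST['note'] )
		? sanitize_textarea_field( wp_unslash( $_POST['note'] ) )
		: '';

	// 2. Validate the target: it must exist and really be an order.
	$order = $order_id ? get_post( $order_id ) : null;
	if ( ! $order || 'example_order' !== $order->post_type || '' === $note ) {
		wp_send_json_error( array( 'message' => 'Invalid request.' ), 400 );
	}

	// 3. Object-level authorization: the caller must be allowed to edit THIS
	//    order. A subscriber fails this check for orders they do not manage.
	if ( ! current_user_can( 'edit_post', $order_id ) ) {
		wp_send_json_error( array( 'message' => 'Forbidden.' ), 403 );
	}

	// 4. Only after the checks above: write the note. Any notification or
	//    moderation email belongs after this point as well.
	$user    = wp_get_current_user();
	$note_id = wp_insert_comment( array(
		'comment_post_ID'  => $order_id,
		'comment_content'  => $note,
		'comment_type'     => 'example_order_note',
		'user_id'          => $user->ID,
		'comment_author'   => $user->display_name,
		'comment_approved' => 1,
	) );
	if ( ! $note_id ) {
		wp_send_json_error( array( 'message' => 'Could not save note.' ), 500 );
	}
	wp_send_json_success( array( 'note_id' => $note_id ) );
}
```

The ordering is the point: every side effect (the stored note and any email it triggers) sits behind both the nonce check and the per-order capability check.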

Added: May 15, 2026, 1:37 PM
Updated: May 15, 2026, 1:37 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 6.3
remediation: 0.0
relevance: 8.4
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.