WordPress Plugin Vulnerabilities

Doneren met Mollie < 2.8.5 - Unauthorised CSV Export leading to Sensitive Data Disclosure

Description

The plugin did not check for user capability in the dmm_export_donations() function, allowing any authenticated user to export a CSV file containing all donors personal information.

Proof of Concept

GET /wp-admin/admin-post.php?action=dmm_export

Affects Plugins

Plugin icon
doneren-met-mollie
Fixed in 2.8.5

References

URL
https://blog.nintechnet.com/information-disclosure-vulnerability-fixed-in-wordpress-doneren-met-mollie-plugin/
URL
https://plugins.trac.wordpress.org/changeset/2459548

Classification

Type
ACCESS CONTROLS
OWASP top 10
A5: Broken Access Control
CWE
CWE-284
CVSS
6.5 (medium)

Miscellaneous

Original Researcher
Jerome Bruandet (nintechnet)
Verified
No
WPVDB ID
36afc442-9634-498e-961e-4c935880cd2b

Timeline

Publicly Published
2021-01-22 (about 3 years ago)
Added
2021-01-22 (about 3 years ago)
Last Updated
2021-01-23 (about 3 years ago)

Other

Published
Title
Published
2024-03-04
Title
Maintenance Mode < 3.0.2 - Unauthenticated Post/Page Content Disclosure
Published
2021-08-26
Title
Woffice < 4.0.2 - Unauthenticated Disclosure of Notification Titles
Published
2021-10-13
Title
Brizy 1.0.127 - 2.3.11 - Incorrect Authorization to Post Modification
Published
2020-09-28
Title
WP Courses < 2.0.29 - Broken Access Controls leading to Courses Content Disclosure
Published
2020-11-28
Title
BuddyPress < 6.4.0 - Lack of Capability Check on Profile Page