Paid Memberships Pro < 3.0.5 – Unauthenticated Insecure Direct Object Reference to Order Status Update | CVE 2024-37277 | Plugin Vulnerabilities

Description

The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.0.4 via the pmpro_twocheckoutValidate function due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to update an order status to paid.

Affects Plugins

paid-memberships-pro

Fixed in 3.0.5

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/4a5a118d-54a2-4e15-a629-4759c34f62b4

Classification

Type

IDOR

OWASP top 10

A5: Broken Access Control

CWE

CVSS

Miscellaneous

Original Researcher

Rafie Muhammad

Verified

No

WPVDB ID

41f82588-c635-4209-89a4-4dac46879903

Timeline

Publicly Published

2024-06-28 (about 1 year ago)

Added

2024-07-03 (about 1 year ago)

Last Updated

2024-07-03 (about 1 year ago)

Other

Published

Title

Published

2023-09-12

Title

wpDiscuz < 7.6.4 - Post Rating Increase/Decrease iva IDOR

Published

2024-01-02

Title

LearnPress < 4.2.5.8 - Subscriber+ Arbitrary Course Progress Disclosure

Published

2022-12-05

Title

ACF Quick Edit Fields < 3.2.3 - Contributor+ User Metadata Leak via IDOR

Published

2024-03-28

Title

Molongui < 4.7.8 - Authenticated (Author+) Insecure Direct Object Reference

Published

2025-02-23

Title

Amelia < 1.2.17 - Unauthenticated Insecure Direct Object Reference