WordPress Plugin Vulnerabilities

Booster for WooCommerce < 7.1.2 - Authenticated (Subscriber+) Information Disclosure via Shortcode

Description

The Booster for WooCommerce for WordPress is vulnerable to Information Disclosure via the 'wcj_get_option' shortcode in versions up to, and including, 7.1.1 due to insufficient controls on the information retrievable via the shortcode. This makes it possible for authenticated attackers, with subscriber-level capabilities or above, to retrieve arbitrary sensitive site options.

Affects Plugins

Plugin icon
woocommerce-jetpack
Fixed in 7.1.2

References

CVE
CVE-2023-40002
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/a1426809-b245-4868-be87-c96b3c5c05f9

Classification

Type
SENSITIVE DATA DISCLOSURE
OWASP top 10
A3: Sensitive Data Exposure
CWE
CWE-200
CVSS
4.3 (medium)

Miscellaneous

Original Researcher
Dave Jong
Verified
No
WPVDB ID
59dd870f-72a8-443f-8978-e946ce413230

Timeline

Publicly Published
2023-10-04 (about 2 years ago)
Added
2023-11-29 (about 2 years ago)
Last Updated
2024-01-03 (about 2 years ago)

Other

Published
Title
Published
2024-12-16
Title
PPWP – Password Protect Pages < 1.9.6 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure
Published
2024-08-16
Title
Contest Gallery < 23.1.3 - Unauthenticated Information Exposure
Published
2025-01-06
Title
Optimize Your Campaigns – Google Shopping – Google Ads – Google Adwords <= 3.1 - Information Exposure
Published
2024-03-28
Title
Wholesale For WooCommerce < 2.3.1 - Unauthenticated Information Exposure
Published
2025-02-17
Title
File Uploads Addon for WooCommerce < 1.7.2 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory