Gestpay for WooCommerce < 20240307 – Cross-Site Request Forgery (CSRF) via ajax_unset_default_card | CVE 2024-0433 | Plugin Vulnerabilities

Description

The Gestpay for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20221130. This is due to missing or incorrect nonce validation on the 'ajax_unset_default_card' function. This makes it possible for unauthenticated attackers to remove the default status of a card token for a user via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

Affects Plugins

gestpay-for-woocommerce

Fixed in 20240307

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/44b62b99-99eb-424b-a04a-9bbacf5fbbaa

Classification

Type

CSRF

OWASP top 10

A2: Broken Authentication and Session Management

CWE

CVSS

Miscellaneous

Original Researcher

Francesco Carlucci

Verified

No

WPVDB ID

5a230504-86e3-4211-bdbf-b5b89321edfb

Timeline

Publicly Published

2024-02-27 (about 2 years ago)

Added

2024-02-27 (about 2 years ago)

Last Updated

2024-03-12 (about 2 years ago)

Other

Published

Title

Published

2022-06-22

Title

Free Live Chat Support <= 1.0.12 - Stored Cross-Site Scripting via CSRF

Published

2023-02-06

Title

Conversios.io < 5.2.4 - Settings Update via CSRF

Published

2023-11-07

Title

WP Links Page < 4.9.5 - Cross-Site Request Forgery via wplf_ajax_update_screenshots

Published

2023-07-14

Title

WP Testimonials < 1.4.3 - Widget Deletion via CSRF

Published

2024-12-10

Title

WPC Order Notes for WooCommerce < 1.5.3 - Cross-Site Request Forgery to Reflected Cross-Site Scripting