WordPress Plugin Vulnerabilities
Syncee - Global Dropshipping < 1.0.10 - Authentication Token Disclosure
Description
The plugin leaks the administrator token that can be used to take over the administrator's account.
Proof of Concept
The plugin sends a GET request to "/wp-json/syncee/retailer/v1/getDataForFrontend" endpoint to get access token of the administrator. An attacker can use this access token to takeover the administrator's Syncee account via adding new team member.
Affects Plugins
References
CVE
Classification
Type
SENSITIVE DATA DISCLOSURE
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
5h4m4n53c
Submitter
5h4m4n53c
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2022-11-28 (about 1 years ago)
Added
2022-11-14 (about 1 years ago)
Last Updated
2022-11-14 (about 1 years ago)