WordPress Plugin Vulnerabilities

WooCommerce Dynamic Pricing & Discounts < 2.4.2 - Unauthenticated Settings Import to Stored XSS

Description

The plugin does not have authorisation and CSRF checks on its import feature, nor sanitise or escape the imported settings. This could allow unauthenticated users to import arbitrary settings, and perform Stored Cross-Site Scripting attacks as well.

Please note that v2.4.2 is still missing a CSRF check.

Affects Plugins

Plugin icon
wc-dynamic-pricing-and-discounts
Fixed in 2.4.2

References

CVE
CVE-2021-4372
URL
https://blog.nintechnet.com/woocommerce-dynamic-pricing-and-discounts-plugin-fixed-multiple-vulnerabilities/

Classification

Type
ACCESS CONTROLS
OWASP top 10
A5: Broken Access Control
CWE
CWE-284
CVSS
7.1 (high)

Miscellaneous

Original Researcher
Jerome Bruandet (nintechnet)
Verified
No
WPVDB ID
aeae6454-6cda-4b43-9d96-e0d4d67b4028

Timeline

Publicly Published
2021-08-31 (about 4 years ago)
Added
2021-08-31 (about 4 years ago)
Last Updated
2023-06-08 (about 2 years ago)

Other

Published
Title
Published
2022-11-18
Title
WordPress Popular Posts < 6.1.0 - Unauthenticated Views Manipulation
Published
2020-09-28
Title
WP Courses < 2.0.29 - Broken Access Controls leading to Courses Content Disclosure
Published
2021-01-28
Title
uListing < 1.7 - Unauthenticated Arbitrary Account Change
Published
2023-08-14
Title
Advanced File Manager < 5.1.1 - Admin+ Arbitrary File/Folder Access
Published
2025-02-19
Title
Prime Addons for Elementor < 2.0.2 - Authenticated (Contributor+) Insecure Direct Object Reference via pae_global_block Shortcode