WordPress Plugin Vulnerabilities

WooCommerce Ship to Multiple Addresses < 3.8.4 - Subscriber+ Shipping Address Disclosure via IDOR

Description

The plugin does not ensure that the order to display the shipping address from belong to the user making the request, allowing any authenticated users, such as subscriber to view other shipping addresses via an IDOR

Proof of Concept

Affects Plugins

Plugin icon
woocommerce-shipping-multiple-addresses
Fixed in 3.8.4

References

CVE
CVE-2023-32799
URL
https://patchstack.com/database/vulnerability/woocommerce-shipping-multiple-addresses/wordpress-woocommerce-ship-to-multiple-addresses-plugin-3-8-3-insecure-direct-object-references-idor-vulnerability

Classification

Type
IDOR
OWASP top 10
A5: Broken Access Control
CWE
CWE-639
CVSS
6.5 (medium)

Miscellaneous

Original Researcher
Rafie Muhammad
Verified
Yes
WPVDB ID
f5f566c7-b3cf-46bf-82bd-34208f8f7c5b

Timeline

Publicly Published
2023-05-15 (about 3 years ago)
Added
2023-06-21 (about 2 years ago)
Last Updated
2023-06-21 (about 2 years ago)

Other

Published
Title
Published
2025-10-17
Title
Event Tickets and Registration < 5.26.6 - Unauthenticated Ticket Payment Bypass
Published
2025-03-07
Title
FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel < 2.4.30 - Insecure Direct Object Reference to Authenticated (Custom+) Arbitrary Post/Page Updates
Published
2021-05-17
Title
LifterLMS < 4.21.2 - Access Other Student Grades/Answers via IDOR
Published
2024-11-08
Title
User Meta – User Profile Builder and User management plugin <= 3.1 - Insecure Direct Object Reference to Sensitive Information Exposure
Published
2025-02-11
Title
Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin < 1.0.6 - Authenticated (Subscriber+) Insecure Direct Object Reference