Vulnerability Description
The Flexible Checkout Fields for WooCommerce plugin for WordPress is vulnerable to Unauthenticated Arbitrary Plugin Settings update, in addition to Stored Cross-Site Scripting in versions up to, and including, 2.3.1. This is due to missing authorization checks on the updateSettingsAction() function which is called via an admin_init hook, along with missing sanitization and escaping on the settings that are stored.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wpdesk | Flexible Checkout Fields | <= 2.3.1 |
Related Weaknesses (CWE)
References
- https://blog.nintechnet.com/zero-day-vulnerability-fixed-in-wordpress-flexible-cExploit
- https://www.wordfence.com/blog/2020/02/site-takeover-campaign-exploits-multiple-Exploit
- https://www.wordfence.com/threat-intel/vulnerabilities/id/fd12a952-2e99-41f7-b74Third Party Advisory
- https://blog.nintechnet.com/zero-day-vulnerability-fixed-in-wordpress-flexible-cExploit
- https://www.wordfence.com/blog/2020/02/site-takeover-campaign-exploits-multiple-Exploit
- https://www.wordfence.com/threat-intel/vulnerabilities/id/fd12a952-2e99-41f7-b74Third Party Advisory
FAQ
What is CVE-2020-36731?
CVE-2020-36731 is a vulnerability with a CVSS score of 7.2 (HIGH). The Flexible Checkout Fields for WooCommerce plugin for WordPress is vulnerable to Unauthenticated Arbitrary Plugin Settings update, in addition to Stored Cross-Site Scripting in versions up to, and ...
How severe is CVE-2020-36731?
CVE-2020-36731 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-36731?
Check the references section above for vendor advisories and patch information. Affected products include: Wpdesk Flexible Checkout Fields.