Vulnerability Description
The Rearrange Woocommerce Products WordPress plugin before 3.0.8 does not have proper access controls in the save_all_order AJAX action, nor validation and escaping when inserting user data in SQL statement, leading to an SQL injection, and allowing any authenticated user, such as subscriber, to modify arbitrary post content (for example with an XSS payload), as well as exfiltrate any data by copying it to another post.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rearrange Woocommerce Products Project | Rearrange Woocommerce Products | < 3.0.8 |
Related Weaknesses (CWE)
References
- https://wpscan.com/vulnerability/3762a77c-b8c9-428f-877c-bbfd7958e7beExploitThird Party Advisory
- https://wpscan.com/vulnerability/3762a77c-b8c9-428f-877c-bbfd7958e7beExploitThird Party Advisory
FAQ
What is CVE-2021-24928?
CVE-2021-24928 is a vulnerability with a CVSS score of 6.5 (MEDIUM). The Rearrange Woocommerce Products WordPress plugin before 3.0.8 does not have proper access controls in the save_all_order AJAX action, nor validation and escaping when inserting user data in SQL sta...
How severe is CVE-2021-24928?
CVE-2021-24928 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-24928?
Check the references section above for vendor advisories and patch information. Affected products include: Rearrange Woocommerce Products Project Rearrange Woocommerce Products.