Vulnerability Description
The TeraWallet plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 1.4.3. This is due to insufficient validation of the user-controlled key on the lock_unlock_terawallet AJAX action. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to lock/unlock other users wallets.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Standalonetech | Terawallet | <= 1.4.3 |
Related Weaknesses (CWE)
References
- https://plugins.trac.wordpress.org/changeset/2817824/woo-wallet/trunk?contextallPatchThird Party Advisory
- https://www.wordfence.com/threat-intel/vulnerabilities/id/ec57e0b2-61b0-4b67-978
- https://www.wordfence.com/vulnerability-advisories-continued/#CVE-2022-3995Third Party Advisory
- https://plugins.trac.wordpress.org/changeset/2817824/woo-wallet/trunk?contextallPatchThird Party Advisory
- https://www.wordfence.com/vulnerability-advisories-continued/#CVE-2022-3995Third Party Advisory
FAQ
What is CVE-2022-3995?
CVE-2022-3995 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The TeraWallet plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 1.4.3. This is due to insufficient validation of the user-controlled key on the ...
How severe is CVE-2022-3995?
CVE-2022-3995 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-3995?
Check the references section above for vendor advisories and patch information. Affected products include: Standalonetech Terawallet.