Improper access control in multiple WordPress plugins for YIT Plugin Framework
Published: 2019-11-06
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2019-16251
CWE-ID CWE-284
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Vulnerable software
YITH Desktop Notifications for WooCommerce
Web applications / Modules and components for CMS

YITH PayPal Express Checkout for WooCommerce
Web applications / Modules and components for CMS

YITH WooCommerce Recover Abandoned Cart
Web applications / Modules and components for CMS

YITH WooCommerce Questions and Answers
Web applications / Modules and components for CMS

YITH WooCommerce Multi Vendor
Web applications / Modules and components for CMS

YITH WooCommerce Mailchimp
Web applications / Modules and components for CMS

YITH WooCommerce Best Sellers
Web applications / Modules and components for CMS

YITH WooCommerce Authorize.net Payment Gateway
Web applications / Modules and components for CMS

YITH Advanced Refund System for WooCommerce
Web applications / Modules and components for CMS

YITH WooCommerce Points and Rewards
Web applications / Modules and components for CMS

YITH WooCommerce Waiting List
Web applications / Modules and components for CMS

YITH WooCommerce Stripe
Web applications / Modules and components for CMS

YITH WooCommerce Bulk Product Editing
Web applications / Modules and components for CMS

YITH WooCommerce Added to Cart Popup
Web applications / Modules and components for CMS

YITH Product Size Charts for WooCommerce
Web applications / Modules and components for CMS

YITH Custom Thank You Page for Woocommerce
Web applications / Modules and components for CMS

YITH Color and Label Variations for WooCommerce
Web applications / Modules and components for CMS

YITH WooCommerce Multi-step Checkout
Web applications / Modules and components for CMS

YITH WooCommerce Frequently Bought Together
Web applications / Modules and components for CMS

YITH WooCommerce Product Bundles
Web applications / Modules and components for CMS

YITH WooCommerce Cart Messages
Web applications / Modules and components for CMS

YITH WooCommerce Affiliates
Web applications / Modules and components for CMS

YITH WooCommerce Subscription
Web applications / Modules and components for CMS

YITH WooCommerce Gift Cards
Web applications / Modules and components for CMS

YITH WooCommerce Product Add-Ons
Web applications / Modules and components for CMS

YITH WooCommerce Advanced Reviews
Web applications / Modules and components for CMS

YITH Pre-Order for WooCommerce
Web applications / Modules and components for CMS

YITH WooCommerce PDF Invoice and Shipping List
Web applications / Modules and components for CMS

YITH WooCommerce Order Tracking
Web applications / Modules and components for CMS

YITH WooCommerce Social Login
Web applications / Modules and components for CMS

YITH WooCommerce Request A Quote
Web applications / Modules and components for CMS

YITH WooCommerce Brands Add-On
Web applications / Modules and components for CMS

YITH WooCommerce Badge Management
Web applications / Modules and components for CMS

YITH WooCommerce Ajax Search
Web applications / Modules and components for CMS

YITH WooCommerce Zoom Magnifier
Web applications / Modules and components for CMS

YITH WooCommerce Quick View
Web applications / Modules and components for CMS

YITH WooCommerce Compare
Web applications / Modules and components for CMS

YITH WooCommerce Wishlist
Web applications / Modules and components for CMS

Vendor YITH

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Improper access control

EUVDB-ID: #VU22547

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2019-16251

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions in the “plugin-fw/lib/yit-plugin-panel-wc.php” script. A remote authenticated attacker can bypass implemented security restrictions and modify the plugin options.
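The description above gives the shape of the flaw (an option-saving routine that any authenticated user can reach) but no code. The following is an added illustration, not YITH's code and not a reproduction of the actual "plugin-fw/lib/yit-plugin-panel-wc.php" logic: a hypothetical WordPress settings handler (all `acme_*` names and the option keys are invented) showing the weak pattern next to the checks that close it, namely a capability check, a nonce bound to the action, and allow-listed, sanitized values.

```php
<?php
// Hypothetical illustration of CWE-284 in a WordPress plugin settings handler.
// This is NOT the YIT Plugin Framework code; all acme_* names are invented.

// Weak pattern: the only gate is "is logged in", so any authenticated user
// (a Subscriber, for instance) who triggers admin_init can overwrite plugin options.
function acme_save_options_weak() {
    if ( ! is_user_logged_in() ) {
        return;
    }
    if ( isset( $_POST['acme_options'] ) ) {
        update_option( 'acme_options', $_POST['acme_options'] ); // no authorization, no nonce, no sanitization
    }
}

// Hardened pattern: require a specific capability, verify the nonce for this exact
// action, and allow-list and sanitize each value before it reaches the options table.
function acme_save_options_hardened() {
    if ( ! isset( $_POST['acme_save'] ) ) {
        return;
    }
    // Authorization: only users allowed to manage WooCommerce settings may save.
    if ( ! current_user_can( 'manage_woocommerce' ) ) {
        wp_die( esc_html__( 'You are not allowed to change these settings.', 'acme' ), '', array( 'response' => 403 ) );
    }
    // CSRF protection: the submitted form must carry the nonce tied to this action.
    check_admin_referer( 'acme_save_options', 'acme_nonce' );

    $raw   = ( isset( $_POST['acme_options'] ) && is_array( $_POST['acme_options'] ) )
        ? wp_unslash( $_POST['acme_options'] )
        : array();
    $clean = array();
    // Allow-list the keys the plugin actually defines (invented here); drop everything else.
    foreach ( array( 'api_key', 'notify_email' ) as $key ) {
        if ( isset( $raw[ $key ] ) ) {
            $clean[ $key ] = sanitize_text_field( $raw[ $key ] );
        }
    }
    if ( isset( $clean['notify_email'] ) ) {
        $clean['notify_email'] = sanitize_email( $clean['notify_email'] );
    }
    update_option( 'acme_options', $clean );
}
add_action( 'admin_init', 'acme_save_options_hardened' );

// The settings form emits the matching nonce field so legitimate saves pass check_admin_referer().
function acme_render_form() {
    echo '<form method="post" action="' . esc_url( admin_url( 'admin.php?page=acme' ) ) . '">';
    wp_nonce_field( 'acme_save_options', 'acme_nonce' );
    echo '<input type="text" name="acme_options[notify_email]">';
    echo '<input type="submit" name="acme_save" value="Save">';
    echo '</form>';
}
```

The capability check is the fix for the access-control class of bug this bulletin describes; the nonce addresses the separate CSRF angle, and the allow-list keeps a low-privilege account from writing arbitrary option keys even if another gate fails. When reviewing a plugin update for this issue, look for a `current_user_can()` call before every `update_option()` reachable from a request.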

Mitigation

Install updates from vendor's website.

Vulnerable software versions

YITH Desktop Notifications for WooCommerce: 1.0.0 - 1.2.7

YITH PayPal Express Checkout for WooCommerce: 1.0.0 - 1.2.5

YITH WooCommerce Recover Abandoned Cart: 1.2.1 - 1.3.3

YITH WooCommerce Questions and Answers: 1.0.0 - 1.1.9

YITH WooCommerce Multi Vendor: 1.6.9 - 3.4.0

YITH WooCommerce Mailchimp: 1.0.0 - 2.1.3

YITH WooCommerce Best Sellers: 1.0.0 - 1.1.12

YITH WooCommerce Authorize.net Payment Gateway: 1.0.0 - 1.1.12

YITH Advanced Refund System for WooCommerce: 1.0.0 - 1.0.11

YITH WooCommerce Points and Rewards: 1.0.0 - 1.3.5

YITH WooCommerce Waiting List: 1.0.0 - 1.3.10

YITH WooCommerce Stripe: 1.0.0 - 2.0.1

YITH WooCommerce Bulk Product Editing: 1.0.0 - 1.2.14

YITH WooCommerce Added to Cart Popup: 1.0.0 - 1.3.12

YITH Product Size Charts for WooCommerce: 1.0.0 - 1.1.12

YITH Custom Thank You Page for Woocommerce: 1.0.0 - 1.1.7

YITH Color and Label Variations for WooCommerce: 1.8.1 - 1.8.12

YITH WooCommerce Multi-step Checkout: 1.4.0 - 1.7.4

YITH WooCommerce Frequently Bought Together: 1.0.1 - 1.2.10

YITH WooCommerce Product Bundles: 1.0.0 - 1.1.16

YITH WooCommerce Cart Messages: 1.2.1 - 1.4.4

YITH WooCommerce Affiliates: 1.0.0 - 1.6.2

YITH WooCommerce Subscription: 1.2.0 - 1.3.5

YITH WooCommerce Gift Cards: 1.0.0 - 1.3.7

YITH WooCommerce Product Add-Ons: 1.0.0 - 1.5.21

YITH WooCommerce Advanced Reviews: 1.0.3 - 1.3.9

YITH Pre-Order for WooCommerce: 1.0.0 - 1.2.0

YITH WooCommerce PDF Invoice and Shipping List: 1.0.0 - 1.2.12

YITH WooCommerce Order Tracking: 1.0.0 - 1.2.10

YITH WooCommerce Social Login: 1.2.0 - 1.3.5

YITH WooCommerce Request A Quote: 1.0.0 - 1.4.8

YITH WooCommerce Brands Add-On: 1.0.0 - 1.3.6

YITH WooCommerce Badge Management: 1.0.0 - 1.3.20

YITH WooCommerce Ajax Search: 1.0.0 - 1.7.0

YITH WooCommerce Zoom Magnifier: 1.0.0 - 1.3.11

YITH WooCommerce Quick View: 1.0.0 - 1.3.14

YITH WooCommerce Compare: 1.0.0 - 2.3.14

YITH WooCommerce Wishlist: 1.0.0 - 2.2.13


CPE2.3

External links

http://blog.nintechnet.com/authenticated-settings-change-vulnerability-in-yit-plugin-framework/
http://wpvulndb.com/vulnerabilities/9932

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?