CVE-2024-7503

The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.5. This is due to the use of loose comparison of the activation code in the 'woo_slg_confirm_email_user' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the userID. This requires the email module to be enabled.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://codecanyon.net/item/social-login-wordpress-woocommerce-plugin	Product
https://www.wordfence.com/threat-intel/vulnerabilities/id/f3b727ba-b39c-4a98-a6a6-ea33785079f6?source=cve	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:wpwebelite:woocommerce_social_login:*:*:*:*:*:wordpress:*:*

History

07 Feb 2025, 16:06

Type	Values Removed	Values Added
CWE		CWE-306
First Time		Wpwebelite Wpwebelite woocommerce Social Login
References	~~() https://codecanyon.net/item/social-login-wordpress-woocommerce-plugin -~~	() https://codecanyon.net/item/social-login-wordpress-woocommerce-plugin - Product
References	~~() https://www.wordfence.com/threat-intel/vulnerabilities/id/f3b727ba-b39c-4a98-a6a6-ea33785079f6?source=cve -~~	() https://www.wordfence.com/threat-intel/vulnerabilities/id/f3b727ba-b39c-4a98-a6a6-ea33785079f6?source=cve - Third Party Advisory
CPE		cpe:2.3:a:wpwebelite:woocommerce_social_login::::::wordpress::*

Information

Published : 2024-08-12 13:38

Updated : 2025-02-07 16:06

NVD link : CVE-2024-7503

Mitre link : CVE-2024-7503

CVE.ORG link : CVE-2024-7503

JSON object : View

Products Affected

wpwebelite

woocommerce_social_login

CWE

CWE-288

Authentication Bypass Using an Alternate Path or Channel

CWE-306

Missing Authentication for Critical Function

{"id": "CVE-2024-7503", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security@wordfence.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2024-08-12T13:38:43.357", "references": [{"url": "https://codecanyon.net/item/social-login-wordpress-woocommerce-plugin", "tags": ["Product"], "source": "security@wordfence.com"}, {"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f3b727ba-b39c-4a98-a6a6-ea33785079f6?source=cve", "tags": ["Third Party Advisory"], "source": "security@wordfence.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security@wordfence.com", "description": [{"lang": "en", "value": "CWE-288"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-306"}]}], "descriptions": [{"lang": "en", "value": "The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.5. This is due to the use of loose comparison of the activation code in the 'woo_slg_confirm_email_user' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the userID. This requires the email module to be enabled."}, {"lang": "es", "value": "El complemento WooCommerce - Social Login para WordPress es vulnerable a la omisi\u00f3n de autenticaci\u00f3n en versiones hasta la 2.7.5 incluida. Esto se debe al uso de una comparaci\u00f3n flexible del c\u00f3digo de activaci\u00f3n en la funci\u00f3n 'woo_slg_confirm_email_user'. Esto hace posible que atacantes no autenticados inicien sesi\u00f3n como cualquier usuario existente en el sitio, como un administrador, si tienen acceso al ID de usuario. Esto requiere que el m\u00f3dulo de correo electr\u00f3nico est\u00e9 habilitado."}], "lastModified": "2025-02-07T16:06:13.577", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:wpwebelite:woocommerce_social_login:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "EE64836B-1594-4A9C-8414-4DDEDA90E5D6", "versionEndExcluding": "2.7.4"}], "operator": "OR"}]}], "sourceIdentifier": "security@wordfence.com"}