CVE-2023-6897 - Vulnerability Details - OpenCVE

The EAN for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.9.2 via the the 'alg_wc_ean_product_meta' shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with contributor-level access and above, to expose potentially sensitive post metadata.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Wpfactory	Ean For Woocommerce

Configuration 1 [-]

cpe:2.3:a:wpfactory:ean_for_woocommerce:*:*:*:*:*:wordpress:*:*

No data.

References

Link	Providers
https://plugins.trac.wordpress.org/changeset/3070991/ean-for-woocommerce
https://www.wordfence.com/threat-intel/vulnerabilities/id/17b20df5-4adf-47ce-bddf-2ec0b9499de8?source=cve

History

Tue, 11 Feb 2025 21:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Wpfactory Wpfactory ean For Woocommerce
Weaknesses		CWE-639
CPEs		cpe:2.3:a:wpfactory:ean_for_woocommerce::::::wordpress::*
Vendors & Products		Wpfactory Wpfactory ean For Woocommerce

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2024-04-18T11:05:28.666Z

Updated: 2024-08-02T08:42:08.500Z

Reserved: 2023-12-16T17:53:02.328Z

Link: CVE-2023-6897

Vulnrichment

Updated: 2024-08-02T08:42:08.500Z

NVD

Status : Analyzed

Published: 2024-04-18T11:15:37.350

Modified: 2025-02-11T20:31:53.000

Link: CVE-2023-6897

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-6897", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2023-12-16T17:53:02.328Z", "datePublished": "2024-04-18T11:05:28.666Z", "dateUpdated": "2024-08-02T08:42:08.500Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-04-18T11:05:28.666Z"}, "affected": [{"vendor": "algoritmika", "product": "EAN for WooCommerce", "versions": [{"version": "*", "status": "affected", "lessThanOrEqual": "4.9.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The EAN for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.9.2 via the the 'alg_wc_ean_product_meta' shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with contributor-level access and above, to expose potentially sensitive post metadata."}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/17b20df5-4adf-47ce-bddf-2ec0b9499de8?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset/3070991/ean-for-woocommerce"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-639 Authorization Bypass Through User-Controlled Key"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Francesco Carlucci"}], "timeline": [{"time": "2024-04-11T00:00:00.000+00:00", "lang": "en", "value": "Vendor Notified"}, {"time": "2024-04-17T00:00:00.000+00:00", "lang": "en", "value": "Disclosed"}]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-6897", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-23T14:58:55.601343Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:wpfactory:ean_for_woocommerce:*:*:*:*:*:wordpress:*:*"], "vendor": "wpfactory", "product": "ean_for_woocommerce", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:17:03.449Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:42:08.500Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/17b20df5-4adf-47ce-bddf-2ec0b9499de8?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset/3070991/ean-for-woocommerce", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/17b20df5-4adf-47ce-bddf-2ec0b9499de8?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset/3070991/ean-for-woocommerce", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:42:08.500Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-6897", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-23T14:58:55.601343Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:wpfactory:ean_for_woocommerce:*:*:*:*:*:wordpress:*:*"], "vendor": "wpfactory", "product": "ean_for_woocommerce", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-04-23T15:03:10.899Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"credits": [{"lang": "en", "type": "finder", "value": "Francesco Carlucci"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}}], "affected": [{"vendor": "algoritmika", "product": "EAN for WooCommerce", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "4.9.2"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2024-04-11T00:00:00.000+00:00", "value": "Vendor Notified"}, {"lang": "en", "time": "2024-04-17T00:00:00.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/17b20df5-4adf-47ce-bddf-2ec0b9499de8?source=cve"}, {"url": "https://plugins.trac.wordpress.org/changeset/3070991/ean-for-woocommerce"}], "descriptions": [{"lang": "en", "value": "The EAN for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.9.2 via the the 'alg_wc_ean_product_meta' shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with contributor-level access and above, to expose potentially sensitive post metadata."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-639 Authorization Bypass Through User-Controlled Key"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-04-18T11:05:28.666Z"}}}, "cveMetadata": {"cveId": "CVE-2023-6897", "state": "PUBLISHED", "dateUpdated": "2024-08-02T08:42:08.500Z", "dateReserved": "2023-12-16T17:53:02.328Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2024-04-18T11:05:28.666Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wpfactory:ean_for_woocommerce:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "3B49F05E-86C1-4E04-8546-9EB6053AAD69", "versionEndExcluding": "4.9.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The EAN for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.9.2 via the the 'alg_wc_ean_product_meta' shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with contributor-level access and above, to expose potentially sensitive post metadata."}, {"lang": "es", "value": "El complemento EAN para WooCommerce para WordPress es vulnerable a Insecure Direct Object Reference en todas las versiones hasta la 4.9.2 incluida a trav\u00e9s del c\u00f3digo corto 'alg_wc_ean_product_meta' debido a la falta de validaci\u00f3n en una clave controlada por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, expongan metadatos de publicaciones potencialmente confidenciales."}], "id": "CVE-2023-6897", "lastModified": "2025-02-11T20:31:53.000", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "[email protected]", "type": "Secondary"}]}, "published": "2024-04-18T11:15:37.350", "references": [{"source": "[email protected]", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/changeset/3070991/ean-for-woocommerce"}, {"source": "[email protected]", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/17b20df5-4adf-47ce-bddf-2ec0b9499de8?source=cve"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/changeset/3070991/ean-for-woocommerce"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/17b20df5-4adf-47ce-bddf-2ec0b9499de8?source=cve"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-639"}], "source": "[email protected]", "type": "Primary"}]}