CVE-2023-3162 - Vulnerability Details - OpenCVE

The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.7.7. This is due to insufficient verification on the user being supplied during a Stripe checkout through the plugin. This allows unauthenticated attackers to log in as users who have orders, who are typically customers.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact total

Vendors	Products
Webtoffee	Stripe Payment Plugin For Woocommerce

Configuration 1 [-]

cpe:2.3:a:webtoffee:stripe_payment_plugin_for_woocommerce:*:*:*:*:*:wordpress:*:*

No data.

References

Link	Providers
https://plugins.trac.wordpress.org/browser/payment-gateway-stripe-and-woocommerce-integration/tags/3.7.7/includes/class-stripe-checkout.php#L640
https://plugins.trac.wordpress.org/changeset/2925361/payment-gateway-stripe-and-woocommerce-integration
https://www.wordfence.com/threat-intel/vulnerabilities/id/4d052f3e-8554-43f0-a5ae-1de09c198d7b?source=cve

History

Tue, 01 Oct 2024 18:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2023-08-31T05:33:07.144Z

Updated: 2024-10-01T18:01:13.516Z

Reserved: 2023-06-08T12:39:24.512Z

Link: CVE-2023-3162

Vulnrichment

Updated: 2024-08-02T06:48:07.784Z

NVD

Status : Modified

Published: 2023-08-31T06:15:09.737

Modified: 2024-11-21T08:16:35.813

Link: CVE-2023-3162

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-3162", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2023-06-08T12:39:24.512Z", "datePublished": "2023-08-31T05:33:07.144Z", "dateUpdated": "2024-10-01T18:01:13.516Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2023-08-31T05:33:07.144Z"}, "affected": [{"vendor": "webtoffee", "product": "Stripe Payment Plugin for WooCommerce", "versions": [{"version": "*", "status": "affected", "lessThanOrEqual": "3.7.7", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.7.7. This is due to insufficient verification on the user being supplied during a Stripe checkout through the plugin. This allows unauthenticated attackers to log in as users who have orders, who are typically customers."}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4d052f3e-8554-43f0-a5ae-1de09c198d7b?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/payment-gateway-stripe-and-woocommerce-integration/tags/3.7.7/includes/class-stripe-checkout.php#L640"}, {"url": "https://plugins.trac.wordpress.org/changeset/2925361/payment-gateway-stripe-and-woocommerce-integration"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL"}}], "credits": [{"lang": "en", "type": "finder", "value": "Lana Codes"}], "timeline": [{"time": "2023-06-08T00:00:00.000+00:00", "lang": "en", "value": "Discovered"}, {"time": "2023-06-08T00:00:00.000+00:00", "lang": "en", "value": "Vendor Notified"}, {"time": "2023-08-01T00:00:00.000+00:00", "lang": "en", "value": "Disclosed"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T06:48:07.784Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4d052f3e-8554-43f0-a5ae-1de09c198d7b?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/payment-gateway-stripe-and-woocommerce-integration/tags/3.7.7/includes/class-stripe-checkout.php#L640", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset/2925361/payment-gateway-stripe-and-woocommerce-integration", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-01T18:01:03.655568Z", "id": "CVE-2023-3162", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-01T18:01:13.516Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4d052f3e-8554-43f0-a5ae-1de09c198d7b?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/payment-gateway-stripe-and-woocommerce-integration/tags/3.7.7/includes/class-stripe-checkout.php#L640", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/changeset/2925361/payment-gateway-stripe-and-woocommerce-integration", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T06:48:07.784Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-3162", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-10-01T18:01:03.655568Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-01T18:01:08.199Z"}}], "cna": {"credits": [{"lang": "en", "type": "finder", "value": "Lana Codes"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}], "affected": [{"vendor": "webtoffee", "product": "Stripe Payment Plugin for WooCommerce", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "3.7.7"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2023-06-08T00:00:00.000+00:00", "value": "Discovered"}, {"lang": "en", "time": "2023-06-08T00:00:00.000+00:00", "value": "Vendor Notified"}, {"lang": "en", "time": "2023-08-01T00:00:00.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4d052f3e-8554-43f0-a5ae-1de09c198d7b?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/payment-gateway-stripe-and-woocommerce-integration/tags/3.7.7/includes/class-stripe-checkout.php#L640"}, {"url": "https://plugins.trac.wordpress.org/changeset/2925361/payment-gateway-stripe-and-woocommerce-integration"}], "descriptions": [{"lang": "en", "value": "The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.7.7. This is due to insufficient verification on the user being supplied during a Stripe checkout through the plugin. This allows unauthenticated attackers to log in as users who have orders, who are typically customers."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2023-08-31T05:33:07.144Z"}}}, "cveMetadata": {"cveId": "CVE-2023-3162", "state": "PUBLISHED", "dateUpdated": "2024-10-01T18:01:13.516Z", "dateReserved": "2023-06-08T12:39:24.512Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2023-08-31T05:33:07.144Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:webtoffee:stripe_payment_plugin_for_woocommerce:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "D869C0F7-157C-4275-9389-713838B658A1", "versionEndIncluding": "3.7.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.7.7. This is due to insufficient verification on the user being supplied during a Stripe checkout through the plugin. This allows unauthenticated attackers to log in as users who have orders, who are typically customers."}], "id": "CVE-2023-3162", "lastModified": "2024-11-21T08:16:35.813", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2023-08-31T06:15:09.737", "references": [{"source": "security@wordfence.com", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/browser/payment-gateway-stripe-and-woocommerce-integration/tags/3.7.7/includes/class-stripe-checkout.php#L640"}, {"source": "security@wordfence.com", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/changeset/2925361/payment-gateway-stripe-and-woocommerce-integration"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4d052f3e-8554-43f0-a5ae-1de09c198d7b?source=cve"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/browser/payment-gateway-stripe-and-woocommerce-integration/tags/3.7.7/includes/class-stripe-checkout.php#L640"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://plugins.trac.wordpress.org/changeset/2925361/payment-gateway-stripe-and-woocommerce-integration"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4d052f3e-8554-43f0-a5ae-1de09c198d7b?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Modified"}