CVE-2023-3277 Scanner

The MStore API is a plugin used for WordPress websites, facilitating the integration of e-commerce functionalities through mobile applications. It is widely utilized by developers and businesses seeking to create seamless and efficient mobile experiences for their customers. The plugin connects a WordPress site with mobile applications, providing real-time data synchronization. Its ease of use makes it popular among both small businesses and larger enterprises looking to enhance their mobile engagement strategy. Despite its functionality, vulnerabilities in plugins like this can pose significant security risks to WordPress websites. It's crucial for users to maintain and update the plugin to safeguard against security threats.

The vulnerability identified in the MStore API plugin involves unauthorized access and privilege escalation. It is specifically related to a misconfiguration in the Apple login feature within the plugin. This flaw allows attackers to log in as any user if they possess the user's email address, thereby bypassing authentication protocols. The vulnerability also empowers attackers to escalate their privileges once logged in, further compromising the system. Due to its high severity, affected systems are at risk of full account compromise, necessitating urgent attention and remediation. It is classified as a critical issue and urges users to take preventive measures as soon as possible.

At the technical level, the vulnerability stems from the improper implementation of the Apple login feature in the MStore API. The endpoint involved is /wp-json/api/flutter_user/apple_login, where POST requests can be crafted to exploit the misconfiguration. The vulnerable parameters include the user's token, first_name, and last_name, which can be manipulated to gain unauthorized access. The template captures the vulnerabilities by checking for specific keywords in the response body and verifying the status code of the server response. Understanding and promptly addressing such vulnerabilities is essential to maintain the integrity and security of the server.

Once exploited, the vulnerability can have severe consequences, including unauthorized access to user accounts and potential privilege escalation within the system. Attackers can potentially gain full admin rights and compromise the integrity of the site. This may lead to data breaches, unauthorized information disclosure, and modification or deletion of content on the website. The vulnerability could also be a stepping stone for further attacks or exploitation of the system's resources. The far-reaching implications necessitate immediate action to prevent potential exploitation and maintain security.

REFERENCES

• https://www.wordfence.com/threat-intel/vulnerabilities/id/1c7c0c35-5f44-488f-9fe1-269ea4a73854?source=cve
• https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2988788%40mstore-api%2Ftrunk&old=2985882%40mstore-api%2Ftrunk&sfp_email=&sfph_mail=
• https://plugins.trac.wordpress.org/browser/mstore-api/trunk/controllers/flutter-user.php#L821
• https://nvd.nist.gov/vuln/detail/CVE-2023-3277