CVE-2020-36713 : The MStore API plugin for WordPress is vulnerable to authentication bypass in ve

The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.1.5. This is due to unrestricted access to the 'register' and 'update_user_profile' routes. This makes it possible for unauthenticated attackers to create new administrator accounts, delete existing administrator accounts, or escalate privileges on any account.

Published 2023-06-07 02:15:12

Updated 2023-06-12 19:27:17

Source Wordfence

View at NVD, CVE.org

Products affected by CVE-2020-36713

Inspireui » Mstore Api » For Wordpress
Versions up to, including, (<=) 2.1.5
cpe:2.3:a:inspireui:mstore_api:*:*:*:*:*:wordpress:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2020-36713

EPSS FAQ

0.90%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 74 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2020-36713

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	Wordfence
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2020-36713

CWE-288 Authentication Bypass Using an Alternate Path or Channel

The product requires authentication, but the product has an alternate path or channel that does not require authentication.

Assigned by: security@wordfence.com (Secondary)
CWE-306 Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2020-36713

https://www.acunetix.com/vulnerabilities/web/wordpress-plugin-mstore-api-security-bypass-2-1-5/

WordPress Plugin MStore API Security Bypass (2.1.5) - Vulnerabilities - Acunetix
Third Party Advisory
https://www.wordfence.com/threat-intel/vulnerabilities/id/934c3ce9-cf2d-4bf6-9a34-f448cb2e5a1d?source=cve

MStore API <= 2.1.5 - Authentication Bypass
Third Party Advisory
https://blog.nintechnet.com/critical-vulnerability-fixed-in-wordpress-mstore-api-plugin/

Critical vulnerability fixed in WordPress MStore API plugin. – NinTechNet
Exploit

Jump to

Vulnerability Details : CVE-2020-36713

Products affected by CVE-2020-36713

Exploit prediction scoring system (EPSS) score for CVE-2020-36713

CVSS scores for CVE-2020-36713

CWE ids for CVE-2020-36713

References for CVE-2020-36713