CVE-2020-36713 — Authentication Bypass Using an Alternate Path or Channel in Mstore API Create Native Android IOS Apps ON THE Cloud

CWE-288 — Authentication Bypass Using an Alternate Path or Channel CWE-306 — Missing Authentication for Critical Function3 documents3 sources

Severity

9.8CRITICALNVD

EPSS

0.9%

top 23.89%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Inspireui Mstore API Create Native Android IOS Apps ON THE Cloud Inspireui Mstore API

Timeline

PublishedJun 7

Description

The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.1.5. This is due to unrestricted access to the 'register' and 'update_user_profile' routes. This makes it possible for unauthenticated attackers to create new administrator accounts, delete existing administrator accounts, or escalate privileges on any account.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5inspireui/mstore_api_create_native_android_ios_apps_on_the_cloud< 2.1.6

▶NVDinspireui/mstore_api2.1.5

🔴Vulnerability Details

GHSA

GHSA-4w36-8q8w-r4jp: The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2↗2023-06-07

▶

CVEList

MStore API <= 2.1.5 - Authentication Bypass↗2023-06-07

▶