Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2021-34646Authentication Bypass by Spoofing in LLC Booster FOR Woocommcerce

CWE-290Authentication Bypass by SpoofingCWE-330Use of Insufficiently Random Values4 documents4 sources
Severity
9.8CRITICALNVD
EPSS
22.5%
top 4.15%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Pluggabl LLC Booster FOR WoocommcerceBooster FOR Woocommerce
Timeline
PublishedAug 30
Latest updateMay 24

Description

Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are vulnerable to authentication bypass via the process_email_verification function due to a random token generation weakness in the reset_and_mail_activation_link function found in the ~/includes/class-wcj-emails-verification.php file. This allows attackers to impersonate users and trigger an email address verification for arbitrary accounts, including administrative accounts, and automatically be logged in as

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

NVDbooster/booster5.4.3
CVEListV5pluggabl_llc/booster_for_woocommcerce5.4.35.4.3

Patches

Patch: plugins.trac.wordpress.orgPatch: plugins.trac.wordpress.org

🔴Vulnerability Details

2
GHSA
GHSA-q3w8-grp4-hc32: Versions up to, and including, 52022-05-24
CVEList
Booster for WooCommerce <= 5.4.3 Authentication Bypass2021-08-30

💥Exploits & PoCs

1
Exploit-DB
WordPress Plugin WooCommerce Booster Plugin 5.4.3 - Authentication Bypass2021-09-17
CVE-2021-34646 — Authentication Bypass by Spoofing | cvebase