CVE-2023-3277
Published 2023-11-03
Priority P1 · 82 · critical · CVSS 3.1 base score 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
In the wild: exploited · VulnCheck KEV
EPSS: 2.89% (85.1th percentile)
The MStore API plugin for WordPress is vulnerable to Unauthorized Account Access and Privilege Escalation in versions up to, and including, 4.10.7 due to improper implementation of the Apple login feature. This allows unauthenticated attackers to log in as any user as long as they know the user's email address.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| inspireui | mstore_api | <= 4.10.7 | — |
| inspireui | mstore_api_create_native_android_ios_apps_on_the_cloud | <= 4.10.7 | — |
Detection & IOCs (extracted from sources)
- Indicator: base64-encoded token with format `.{base64({"email":"<victim@email>"})}.` (dot-padded JWT-like structure with no signature).
- Detect exploit attempts by monitoring POST requests to /wp-json/api/flutter_user/apple_login with a JSON body containing a 'token' field that follows the pattern `.<base64_payload>.` (dot-wrapped base64, no valid Apple JWT signature).
- A successful exploitation response will contain all three fields 'wp_user_id', 'cookie', and 'user_login' in the JSON body with HTTP 200 and Content-Type application/json; use these as confirmation of account takeover.
- Identify vulnerable WordPress installations by searching for the string /wp-content/plugins/mstore-api/ in HTTP response bodies (FOFA/PublicWWW fingerprint).
- The vulnerability resides in the Apple login handler at controllers/flutter-user.php line 821; audit or monitor file integrity of this path in MStore API <= 4.10.7.
- The exploit requires only knowledge of the target user's email address; no credentials or prior authentication are needed, making automated scanning at scale trivial.
- No patch was available at time of disclosure; the Nuclei template notes 'No patch available yet; monitor for updates from the developer and apply patches as soon as they are released.'
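A defender-side check for the request and response indicators listed above, added here as an example that is not from any source on this page: it inspects constructed request records for the dot-wrapped, unsigned token on the Apple login route, decodes the claimed email for the alert, and marks the hit as a confirmed takeover only when the reply carries all three fields. The record schema, field names and sample values are assumptions.

```python
import base64
import json
import re

# Indicators from the page: POST to the Apple login route carrying a token shaped ".<base64>."
# (no JWT header, no signature); a 200 reply with all three fields confirms the takeover.
APPLE_LOGIN_PATH = "/wp-json/api/flutter_user/apple_login"
UNSIGNED_TOKEN_RE = re.compile(r"^\.([A-Za-z0-9+/=_-]+)\.$")
TAKEOVER_FIELDS = {"wp_user_id", "cookie", "user_login"}

def decode_claimed_email(token):
    """Email claimed inside a dot-wrapped unsigned token, or None for any other token shape."""
    match = UNSIGNED_TOKEN_RE.match(token)
    if not match:
        return None
    payload = match.group(1)
    payload += "=" * (-len(payload) % 4)  # restore any stripped base64 padding
    try:
        claims = json.loads(base64.urlsafe_b64decode(payload))
    except (ValueError, UnicodeDecodeError):
        return None
    return claims.get("email") if isinstance(claims, dict) else None

def classify_request(rec):
    """rec follows an assumed log schema {method, path, status, body, response}; alert dict or None."""
    if rec.get("method") != "POST" or rec.get("path") != APPLE_LOGIN_PATH:
        return None
    try:
        body = json.loads(rec.get("body") or "{}")
    except ValueError:
        return None
    token = body.get("token") if isinstance(body, dict) else None
    email = decode_claimed_email(token) if isinstance(token, str) else None
    if email is None:
        return None
    succeeded = rec.get("status") == 200 and TAKEOVER_FIELDS <= set(rec.get("response") or {})
    return {"claimed_email": email, "account_takeover": succeeded}

# Constructed sample records (not real traffic): a normally shaped Apple JWT, a rejected
# exploit-shaped token, and one the plugin accepted (reply carries all three takeover fields).
SAMPLE_RECORDS = [
    {"method": "POST", "path": APPLE_LOGIN_PATH, "status": 200, "response": {},
     "body": json.dumps({"token": "eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxMjMifQ.c2ln"})},
    {"method": "POST", "path": APPLE_LOGIN_PATH, "status": 401, "response": {"message": "denied"},
     "body": json.dumps({"token": ".eyJlbWFpbCI6ImFkbWluQGV4YW1wbGUuY29tIn0."})},
    {"method": "POST", "path": APPLE_LOGIN_PATH, "status": 200,
     "response": {"wp_user_id": 1, "cookie": "wordpress_logged_in_placeholder", "user_login": "admin"},
     "body": json.dumps({"token": ".eyJlbWFpbCI6ImFkbWluQGV4YW1wbGUuY29tIn0."})},
]
```

Run `classify_request` over each record; the second sample yields an attempt alert and the third a confirmed takeover, while the first is ignored because its token has a normal three-part JWT shape.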
CVSS provenance
| Source | Score | Severity | Vector |
|---|---|---|---|
| NVD (v3.1) | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| VulnCheck | 9.8 | CRITICAL | |
| vendor_redhat | 6.5 | MEDIUM | |
VulDB
inspireui MStore API Plugin up to 4.10.7 on WordPress Apple Login authentication bypass
vuldb · 2026-04-11 · CVSS 9.8 · CRITICAL
A vulnerability classified as critical was found in inspireui MStore API Plugin up to 4.10.7 on WordPress. This impacts an unknown function of the component Apple Login. The manipulation results in authentication bypass using alternate channel.
This vulnerability is known as CVE-2023-3277. It is possible to launch the attack remotely. No exploit is available.
GHSA
GHSA-7pc7-crj3-6p7v: The MStore API plugin for WordPress is vulnerable to Unauthorized Account Access and Privilege Escalation in versions up to, and including, 4.10.7
ghsa_unreviewed · 2023-11-03 · CRITICAL · CWE-288
The MStore API plugin for WordPress is vulnerable to Unauthorized Account Access and Privilege Escalation in versions up to, and including, 4.10.7 due to improper implementation of the Apple login feature. This allows unauthenticated attackers to log in as any user as long as they know the user's email address. We are disclosing this issue as the developer has not yet released a patch, but continues to release updates and we escalated this issue to the plugin's team 30 days ago.
VulnCheck
MStore API plugin for WordPress Privilege Escalation Vulnerability
vulncheck · 2023 · CVSS 9.8 · CRITICAL
The MStore API plugin for WordPress is vulnerable to Unauthorized Account Access and Privilege Escalation in versions up to, and including, 4.10.7 due to improper implementation of the Apple login feature. This allows unauthenticated attackers to log in as any user as long as they know the user's email address.
Affected: inspireui mstore_api
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/mstore-api/mstore-api-4107-unauthorized-account-access-and-privilege-escalation
Red Hat
openstack-neutron: unrestricted creation of security groups (fix for CVE-2022-3277)
vendor_redhat · 2023-07-12 · CVSS 6.5 · MEDIUM · CWE-400 · filed under CVE-2023-3637
Note: this record concerns CVE-2023-3637 and the earlier CVE-2022-3277 in openstack-neutron, not the MStore API plugin; it appears here only because of the similar identifier.
An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significant number of requests, this could lead to a denial of service.
No detection rules found.
Nuclei
MStore API <= 4.10.7 - Unauthorized Account Access and Privilege Escalation
nuclei · CVSS 9.8 · CRITICAL
The MStore API plugin for WordPress is vulnerable to Unauthorized Account Access and Privilege Escalation in versions up to, and including, 4.10.7 due to improper implementation of the Apple login feature. This allows unauthenticated attackers to log in as any user as long as they know the user's email address.
Template (excerpt):
```yaml
id: CVE-2023-3277
info:
  name: MStore API <= 4.10.7 - Unauthorized Account Access and Privilege Escalation
  author: daffainfo
  severity: critical
  description: |
    The MStore API plugin for WordPress is vulnerable to Unauthorized Account Access and Privilege Escalation in versions up to, and including, 4.10.7 due to improper implementation of the Apple login feature. This allows unauthenticated attac
```
No writeups or analysis indexed.
References
- https://plugins.trac.wordpress.org/browser/mstore-api/trunk/controllers/flutter-user.php#L821
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2988788%40mstore-api%2Ftrunk&old=2985882%40mstore-api%2Ftrunk&sfp_email=&sfph_mail=
- https://www.wordfence.com/threat-intel/vulnerabilities/id/1c7c0c35-5f44-488f-9fe1-269ea4a73854?source=cve
Timeline: 2023-11-03 published · exploited in the wild