CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6328 – MStore API – Create Native Android & iOS Apps On The Cloud <= 4.14.7 - Authentication Bypass
https://notcve.org/view.php?id=CVE-2024-6328
The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 4.14.7. This is due to insufficient verification on the 'phone' parameter of the 'firebase_sms_login' and 'firebase_sms_login_v2' functions. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email address or phone number. Additionally, if a new email address is supplied, a new user account is created with the default role, even if registration is disabled. El complemento MStore API – Create Native Android & iOS Apps On The Cloud para WordPress es vulnerable a la omisión de autenticación en todas las versiones hasta la 4.14.7 incluida. • https://plugins.trac.wordpress.org/browser/mstore-api/trunk/controllers/flutter-user.php#L699 https://plugins.trac.wordpress.org/browser/mstore-api/trunk/controllers/flutter-user.php#L714 https://plugins.trac.wordpress.org/changeset/3115231 https://www.wordfence.com/threat-intel/vulnerabilities/id/17d8e2e9-5e3f-433b-be1a-6ea765eba547?source=cve • CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50878 – WordPress MStore API Plugin <= 4.10.1 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-50878
Cross-Site Request Forgery (CSRF) vulnerability in InspireUI MStore API.This issue affects MStore API: from n/a through 4.10.1. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en la API MStore de InspireUI. Este problema afecta a MStore API: desde n/a hasta 4.10.1. The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to 4.10.2 (exclusive). This is due to missing or incorrect nonce validation in the templates/admin/mstore-api-admin-dashboard.php file. • https://patchstack.com/database/vulnerability/mstore-api/wordpress-mstore-api-plugin-4-10-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45055 – WordPress MStore API Plugin <= 4.0.6 is vulnerable to SQL Injection
https://notcve.org/view.php?id=CVE-2023-45055
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in InspireUI MStore API allows SQL Injection.This issue affects MStore API: from n/a through 4.0.6. La neutralización incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL ('inyección SQL') en la API MStore de InspireUI permite la inyección SQL. Este problema afecta a la API MStore: desde n/a hasta 4.0.6. The MStore API plugin for WordPress is vulnerable to SQL Injection via the $name and $search variables in versions up to, and including, 4.0.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. • https://patchstack.com/database/vulnerability/mstore-api/wordpress-mstore-api-plugin-4-0-6-sql-injection-vulnerability?_s_id=cve • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-3209 – MStore API < 3.9.7 - Settings Update via CSRF
https://notcve.org/view.php?id=CVE-2023-3209
The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both. • https://wpscan.com/vulnerability/970735f1-24bb-441c-89b6-5a0959246d6c •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-3197 – MStore API <= 4.0.1 - Unauthenticated SQL Injection
https://notcve.org/view.php?id=CVE-2023-3197
The MStore API plugin for WordPress is vulnerable to Unauthenticated Blind SQL Injection via the 'id' parameter in versions up to, and including, 4.0.1 due to insufficient escaping on the user supplied parameters and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. • https://plugins.trac.wordpress.org/changeset/2929891/mstore-api/trunk/controllers/helpers/vendor-wcfm.php https://www.wordfence.com/threat-intel/vulnerabilities/id/30aab1af-a78f-4bac-b3c5-30ea854ccef7?source=cve • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •