NVD Vulnerability Detail

CVE-2021-34646

Summary	Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are vulnerable to authentication bypass via the process_email_verification function due to a random token generation weakness in the reset_and_mail_activation_link function found in the ~/includes/class-wcj-emails-verification.php file. This allows attackers to impersonate users and trigger an email address verification for arbitrary accounts, including administrative accounts, and automatically be logged in as that user, including any site administrators. This requires the Email Verification module to be active in the plugin and the Login User After Successful Verification setting to be enabled, which it is by default.
Publication Date	Aug. 31, 2021, 4:15 a.m.
Registration Date	Aug. 31, 2021, 10 a.m.
Last Update	Nov. 21, 2024, 3:10 p.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:booster:booster_for_woocommerce::::::wordpress::*			5.4.3

Related information, measures and tools

No	URL	タグ
1	https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2581212%40woocommerce-jetpack&new=2581212%40woocommerce-jetpack&sfp_email=&sfph_mail=	Patch Third Party Advisory
2	https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2581212%40woocommerce-jetpack&new=2581212%40woocommerce-jetpack&sfp_email=&sfph_mail=	Patch Third Party Advisory
3	https://www.wordfence.com/blog/2021/08/critical-authentication-bypass-vulnerability-patched-in-booster-for-woocommerce/	Exploit Third Party Advisory
4	https://www.wordfence.com/blog/2021/08/critical-authentication-bypass-vulnerability-patched-in-booster-for-woocommerce/	Exploit Third Party Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-330	不十分なランダム値の使用	https://cwe.mitre.org/data/definitions/330.html

JVN Vulnerability Information

WordPress 用 Booster for WooCommerce プラグインにおけるスプーフィングによる認証回避に関する脆弱性

Title	WordPress 用 Booster for WooCommerce プラグインにおけるスプーフィングによる認証回避に関する脆弱性
Summary	WordPress 用 Booster for WooCommerce プラグインには、スプーフィングによる認証回避に関する脆弱性が存在します。
Possible impacts	情報を取得される、情報を改ざんされる、およびサービス運用妨害 (DoS) 状態にされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Aug. 11, 2021, midnight
Registration Date	July 25, 2022, 6:11 p.m.
Last Update	July 25, 2022, 6:11 p.m.

Affected System

Booster

Booster for WooCommerce 5.4.3 まで

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2021-34646	https://www.cve.org/CVERecord?id=CVE-2021-34646
National Vulnerability Database (NVD)
2	CVE-2021-34646	https://nvd.nist.gov/vuln/detail/CVE-2021-34646

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-290	https://cwe.mitre.org/data/definitions/290.html

ベンダー情報

No	Name	URL
WordPress Plugin Changeset
1	Changeset 2581212 for woocommerce-jetpack	https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2581212%40woocommerce-jetpack&new=2581212%40woocommerce-jetpack&sfp_email=&sfph_mail=

Change Log

No	Changed Details	Date of change
1	[2022年07月25日] 掲載	July 25, 2022, 6:11 p.m.