CVE-2024-13623

EUVD-2024-51694

31.01.2025, 07:15

The Order Export for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.24 via the 'uploads' directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads directory which can contain exported order information. The plugin is only vulnerable when 'Order data storage' is set to 'WordPress posts storage (legacy)', and cannot be exploited when the default option of 'High-performance order storage' is enabled.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5.9 MEDIUM	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Wordfence	CNA	5.9 MEDIUM				CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 45%

Common Weakness Enumeration

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References

https://plugins.trac.wordpress.org/browser/order-export-and-more-for-woocommerce/trunk/inc/JEMEXP_Order.php

https://plugins.trac.wordpress.org/changeset/3230283/

https://www.wordfence.com/threat-intel/vulnerabilities/id/18d6dffd-8df3-4611-ad94-6d806aa7328a?source=cve