FKIE_CVE-2024-6500

Vulnerability from fkie_nvd - Published: 2024-08-17 03:15 - Updated: 2026-06-17 08:18
Severity
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H
Summary
The InPost for WooCommerce plugin and InPost PL plugin for WordPress are vulnerable to unauthorized access and deletion of data due to a missing capability check on the 'parse_request' function in all versions up to, and including, 1.4.0 (for InPost for WooCommerce) as well as 1.4.4 (for InPost PL). This makes it possible for unauthenticated attackers to read and delete arbitrary files on Windows servers. On Linux servers, only files within the WordPress install will be deleted, but all files can be read.
References
security@wordfence.comhttps://plugins.trac.wordpress.org/browser/inpost-for-woocommerce/trunk/src/InspireLabs/WoocommerceInpost/EasyPack_Helper.php#L267
security@wordfence.comhttps://plugins.trac.wordpress.org/browser/inpost-for-woocommerce/trunk/src/InspireLabs/WoocommerceInpost/EasyPack_Helper.php#L75
security@wordfence.comhttps://plugins.trac.wordpress.org/browser/woo-inpost/trunk/classes/class-helper.php#L140
security@wordfence.comhttps://plugins.trac.wordpress.org/browser/woo-inpost/trunk/classes/class-helper.php#L216
security@wordfence.comhttps://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3115602%40inpost-for-woocommerce%2Ftrunk&old=3110579%40inpost-for-woocommerce%2Ftrunk&sfp_email=&sfph_mail=
security@wordfence.comhttps://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3125034%40woo-inpost%2Ftrunk&old=2886304%40woo-inpost%2Ftrunk&sfp_email=&sfph_mail=
security@wordfence.comhttps://www.wordfence.com/threat-intel/vulnerabilities/id/7b57e750-71ec-4c52-999b-6c14a78c3bff?source=cve
Impacted products
Vendor Product Version
To clipboard 

{
  "affected": [
    {
      "affectedData": [
        {
          "defaultStatus": "unaffected",
          "product": "InPost for WooCommerce",
          "vendor": "inspirelabs",
          "versions": [
            {
              "lessThanOrEqual": "1.4.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "InPost PL",
          "vendor": "inspirelabs",
          "versions": [
            {
              "lessThanOrEqual": "1.4.4",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "source": "security@wordfence.com"
    },
    {
      "affectedData": [
        {
          "cpes": [
            "cpe:2.3:a:inspirelabs:inpost_for_woocommerce:*:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unknown",
          "product": "inpost_for_woocommerce",
          "vendor": "inspirelabs",
          "versions": [
            {
              "lessThanOrEqual": "1.4.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:inspirelabs:inpost_pl:*:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unknown",
          "product": "inpost_pl",
          "vendor": "inspirelabs",
          "versions": [
            {
              "lessThanOrEqual": "1.4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The InPost for WooCommerce plugin and InPost PL plugin for WordPress are vulnerable to unauthorized access and deletion of data due to a missing capability check on the \u0027parse_request\u0027 function in all versions up to, and including, 1.4.0 (for InPost for WooCommerce) as well as 1.4.4 (for InPost PL). This makes it possible for unauthenticated attackers to read and delete arbitrary files on Windows servers. On Linux servers, only files within the WordPress install will be deleted, but all files can be read."
    },
    {
      "lang": "es",
      "value": "El complemento InPost para WooCommerce y el complemento InPost PL para WordPress son vulnerables al acceso no autorizado y a la eliminaci\u00f3n de datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n \u0027parse_request\u0027 en todas las versiones hasta la 1.4.0 incluida (para InPost para WooCommerce) as\u00ed como 1.4.4 (para InPost PL). Esto hace posible que atacantes no autenticados lean y eliminen archivos arbitrarios en servidores Windows. En los servidores Linux, solo se eliminar\u00e1n los archivos dentro de la instalaci\u00f3n de WordPress, pero se podr\u00e1n leer todos los archivos."
    }
  ],
  "id": "CVE-2024-6500",
  "lastModified": "2026-06-17T08:18:08.080",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 10.0,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.8,
        "source": "security@wordfence.com",
        "type": "Secondary"
      }
    ],
    "ssvcV203": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "ssvcData": {
          "id": "CVE-2024-6500",
          "options": [
            {
              "exploitation": "none"
            },
            {
              "automatable": "yes"
            },
            {
              "technicalImpact": "total"
            }
          ],
          "role": "CISA Coordinator",
          "timestamp": "2024-08-20T19:04:41.415308Z",
          "version": "2.0.3"
        }
      }
    ]
  },
  "published": "2024-08-17T03:15:10.983",
  "references": [
    {
      "source": "security@wordfence.com",
      "url": "https://plugins.trac.wordpress.org/browser/inpost-for-woocommerce/trunk/src/InspireLabs/WoocommerceInpost/EasyPack_Helper.php#L267"
    },
    {
      "source": "security@wordfence.com",
      "url": "https://plugins.trac.wordpress.org/browser/inpost-for-woocommerce/trunk/src/InspireLabs/WoocommerceInpost/EasyPack_Helper.php#L75"
    },
    {
      "source": "security@wordfence.com",
      "url": "https://plugins.trac.wordpress.org/browser/woo-inpost/trunk/classes/class-helper.php#L140"
    },
    {
      "source": "security@wordfence.com",
      "url": "https://plugins.trac.wordpress.org/browser/woo-inpost/trunk/classes/class-helper.php#L216"
    },
    {
      "source": "security@wordfence.com",
      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3115602%40inpost-for-woocommerce%2Ftrunk\u0026old=3110579%40inpost-for-woocommerce%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
    },
    {
      "source": "security@wordfence.com",
      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3125034%40woo-inpost%2Ftrunk\u0026old=2886304%40woo-inpost%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
    },
    {
      "source": "security@wordfence.com",
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7b57e750-71ec-4c52-999b-6c14a78c3bff?source=cve"
    }
  ],
  "sourceIdentifier": "security@wordfence.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-862"
        }
      ],
      "source": "security@wordfence.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.