What the vulnerability does
01Description
The Checkout Mestres do WP for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the cwmpUpdateOptions() function in versions 8.6.5 to 8.7.5. This makes it possible for unauthenticated attackers to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.
Explanation of Vulnerability in Simple Terms
02Summary
Checkout Mestres do WP for WooCommerce versions 8.6.5 through 8.7.5 lack proper authorization checks, allowing unauthenticated attackers to perform sensitive actions without permission. An attacker can read, modify, or delete data and functionality on the affected site over the network without needing valid credentials or user interaction. This is a critical vulnerability affecting WooCommerce checkout operations.
What an attacker can do
03Attacker Capabilities
Read, modify, or delete site data and WooCommerce checkout functionality without authentication.
Potential impact on your site
04Site Impact
Attackers can compromise customer data, orders, and payment information without logging in.
Conditions required to exploit
05Prerequisites
Network access only; no authentication or user interaction required.
Key dates
06Disclosure timeline
March 29, 2025
CVE published
March 31, 2025
Record updated