What the vulnerability does
01 Description
The Fortis for WooCommerce plugin for WordPress is vulnerable to authorization bypass due to an inverted nonce check in the 'check_fortis_notify_response' function in all versions up to, and including, 1.2.0. This makes it possible for unauthenticated attackers to update arbitrary WooCommerce order statuses to paid/processing/completed, effectively allowing them to mark orders as paid without payment.
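The advisory names the bug class (an inverted nonce check guarding a payment-notification handler) but does not publish the affected source. The PHP below is an added, illustrative reconstruction of that bug class beside its fix; it is not the plugin's code. The function bodies, the request field names (`fortis_nonce`, `order_id`) and the nonce action string `fortis_notify` are assumptions made for the example; `wp_verify_nonce()`, `wp_die()`, `wc_get_order()` and `WC_Order::payment_complete()` are real WordPress/WooCommerce APIs.

```php
<?php
// Illustrative reconstruction of an inverted nonce check (the bug class named in the
// advisory). NOT the plugin's real code: function bodies, the request fields
// 'fortis_nonce' / 'order_id' and the action string 'fortis_notify' are assumptions.

// --- Vulnerable pattern: the condition is inverted. ---
// wp_verify_nonce() returns 1 or 2 for a valid nonce and false otherwise. Here a
// VALID nonce aborts the request, while a missing or bogus nonce falls through to
// the privileged action, so an unauthenticated caller can drive the status update.
function check_fortis_notify_response_vulnerable() {
    $nonce = isset( $_REQUEST['fortis_nonce'] )
        ? sanitize_text_field( wp_unslash( $_REQUEST['fortis_nonce'] ) )
        : '';
    if ( wp_verify_nonce( $nonce, 'fortis_notify' ) ) { // BUG: missing negation
        wp_die( 'Invalid request', '', array( 'response' => 403 ) );
    }
    fortis_example_apply_status();
}

// --- Corrected pattern: reject when the nonce does NOT verify. ---
function check_fortis_notify_response_fixed() {
    $nonce = isset( $_REQUEST['fortis_nonce'] )
        ? sanitize_text_field( wp_unslash( $_REQUEST['fortis_nonce'] ) )
        : '';
    if ( ! wp_verify_nonce( $nonce, 'fortis_notify' ) ) {
        wp_die( 'Invalid request', '', array( 'response' => 403 ) );
    }
    fortis_example_apply_status();
}

// Assumed helper: the privileged action both versions are meant to guard.
// payment_complete() moves the order to processing/completed, which is exactly the
// effect the advisory describes for a request that slips past the check.
function fortis_example_apply_status() {
    $order_id = isset( $_REQUEST['order_id'] ) ? absint( $_REQUEST['order_id'] ) : 0;
    $order    = wc_get_order( $order_id );
    if ( ! $order ) {
        wp_die( 'Unknown order', '', array( 'response' => 404 ) );
    }
    $order->payment_complete();
    wp_die( 'OK', '', array( 'response' => 200 ) );
}
```

Two points for reviewers of similar handlers: the fix is the single `!`, and the pattern `if ( wp_verify_nonce( ... ) ) { wp_die(...) }` with no negation is easy to flag in code review or with a grep over a plugin's request handlers. Separately, a WordPress nonce is tied to a logged-in user's session and defends against CSRF; a gateway callback that is legitimately reached by the payment provider's servers also needs the provider's own authenticity check (a signature or shared secret on the notification) before any order state is changed.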
Explanation of Vulnerability in Simple Terms
02 Summary
Fortis for WooCommerce versions up to 1.2.0 lack proper authorization checks, allowing unauthenticated attackers to modify data through the plugin. The vulnerability requires only network access and no user interaction. Site administrators should update to a version newer than 1.2.0 to prevent unauthorized modifications.
What an attacker can do
03 Attacker Capabilities
Modify data in the plugin without authentication or permission.
Potential impact on your site
04 Site Impact
Attackers can alter plugin data without logging in, potentially affecting payment processing or customer records.
Conditions required to exploit
05 Prerequisites
Network access only; no authentication or user interaction required.
Key dates
06 Disclosure timeline
February 4, 2026: CVE published
April 8, 2026: Record updated