CVE-2022-4305
Published: 23 January 2023
Summary
CVE-2022-4305 is a critical-severity vulnerability (weakness type unspecified) in Wp-Buy Login As User Or Customer (User Switching). Its CVSS base score is 9.8 (Critical).
Operationally, it ranks in the top 0.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
The vulnerability is an authorization bypass in the Login as User or Customer WordPress plugin prior to version 3.3. The plugin fails to verify that the requesting party is permitted to assume another identity, enabling direct acquisition of authentication tokens for arbitrary accounts including administrators.
Unauthenticated remote attackers can exploit the flaw over the network to obtain a valid admin session without any user interaction or credentials. Successful exploitation grants full administrative control over the affected WordPress site, allowing arbitrary content changes, plugin installation, or further lateral movement within the hosting environment.
The referenced WPScan advisory identifies the issue in versions before 3.3 and indicates that updating to the fixed release restores the missing authorization checks. The EPSS score has reached a peak of 0.8887 with a current value of 0.8305, reflecting sustained exploitation interest after public disclosure.
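An added illustration of the bug class described above, written in PHP against standard WordPress APIs; it is not the plugin's own code. It contrasts a hypothetical user-switch action that omits the authorization check with the hardened form a defender would expect after the 3.3 fix. The hook names, the `user_id` request parameter and the `manage_options` capability are assumptions.

```php
<?php
// Hypothetical example of a user-switch action. Not the plugin's code.

// --- Vulnerable pattern: the handler trusts the request alone. ---
// Registering on admin_post_nopriv_ also exposes it to logged-out
// visitors, and nothing checks whether the caller may assume another
// identity, so a valid session for any account can be obtained.
function insecure_switch_user() {
    $target = get_user_by( 'id', (int) ( $_GET['user_id'] ?? 0 ) );
    if ( $target ) {
        wp_set_auth_cookie( $target->ID ); // session for an arbitrary user
    }
    wp_safe_redirect( admin_url() );
    exit;
}
add_action( 'admin_post_switch_user', 'insecure_switch_user' );
add_action( 'admin_post_nopriv_switch_user', 'insecure_switch_user' );

// --- Hardened pattern: authenticate, authorize, verify intent, audit. ---
function secure_switch_user() {
    $user_id = (int) ( $_GET['user_id'] ?? 0 );

    // 1. Only logged-in users reach admin_post_ hooks (no nopriv variant),
    //    and the caller must hold a capability limited to administrators.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', 403 );
    }
    // 2. CSRF protection: the request must carry a nonce bound to this
    //    action and target, so a third-party page cannot trigger it.
    check_admin_referer( 'switch_user_' . $user_id );

    $target = get_user_by( 'id', $user_id );
    if ( ! $target ) {
        wp_die( 'Unknown user.', 404 );
    }
    // 3. Leave an audit trail before the identity change takes effect.
    error_log( sprintf(
        'user-switch: %d -> %d from %s',
        get_current_user_id(),
        $target->ID,
        $_SERVER['REMOTE_ADDR'] ?? 'unknown'
    ) );
    update_user_meta( $target->ID, '_switched_from', get_current_user_id() );

    wp_set_auth_cookie( $target->ID, false );
    wp_safe_redirect( admin_url() );
    exit;
}
add_action( 'admin_post_switch_user', 'secure_switch_user' );
```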
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-51660
Vulnerability details
The Login as User or Customer WordPress plugin before 3.3 lacks authorization checks to ensure that users are allowed to log in as another one, which could allow unauthenticated attackers to obtain a valid admin session.
- CWE(s): not specified
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.