CVE-2026-3461
Authentication Bypass in Visa Acceptance Solutions Plugin Enables Account Takeover
Publication date: 2026-04-15
Last updated on: 2026-04-15
Assigner: Wordfence
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| visa | acceptance_solutions_plugin | up to and including 2.1.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-288 | The product requires authentication, but the product has an alternate path or channel that does not require authentication. |
AI Powered Q&A
Can you explain this vulnerability to me?
The Visa Acceptance Solutions plugin for WordPress has an authentication bypass vulnerability in all versions up to and including 2.1.0. This occurs because the function express_pay_product_page_pay_for_order() logs users in based only on a user-supplied billing email address during guest checkout for subscription products. It does not verify ownership of the email, require a password, or validate a one-time token.
As a result, an unauthenticated attacker can log in as any existing user, including administrators, simply by providing the target user's email address in the billing_details parameter.
This leads to complete account takeover and site compromise.
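As an added illustration (not the plugin's actual code; the vulnerable body is a hypothetical reconstruction of the pattern the description gives, and every function name other than WordPress core APIs is assumed), the login-by-email anti-pattern next to a guest-checkout flow that never issues a session from a billing email:

```php
<?php
// Added illustration for CVE-2026-3461, not code from the Visa Acceptance
// Solutions plugin. Only the WordPress core calls are real APIs; the two
// checkout functions are hypothetical.

// VULNERABLE PATTERN (hypothetical reconstruction of the described flaw):
// the user-supplied billing email alone selects the account to log in.
function vulnerable_guest_checkout_login( array $billing_details ) {
    $email = sanitize_email( $billing_details['email'] ?? '' );
    $user  = get_user_by( 'email', $email );
    if ( $user ) {
        // Bug: no password, no proof of mailbox ownership, no one-time
        // token. Any existing account, admins included, is reachable (CWE-288).
        wp_set_current_user( $user->ID );
        wp_set_auth_cookie( $user->ID );
        return $user->ID;
    }
    return 0;
}

// HARDENED PATTERN: a billing email never authenticates anyone.
// Existing accounts must sign in through the normal login flow; guests
// get an order recorded against the email and no session is issued.
function hardened_guest_checkout( array $billing_details ) {
    $email = sanitize_email( $billing_details['email'] ?? '' );
    if ( ! is_email( $email ) ) {
        return new WP_Error( 'invalid_email', 'A valid billing email is required.' );
    }
    if ( is_user_logged_in() ) {
        // Authenticated customers check out under their own session only.
        return get_current_user_id();
    }
    if ( get_user_by( 'email', $email ) ) {
        // Do not log the visitor in; send them to the real login flow.
        return new WP_Error(
            'account_exists',
            'An account exists for this email. Please log in to continue.'
        );
    }
    // Guest path: no auth cookie is ever set from checkout input.
    return 0; // caller treats 0 as "guest customer" (e.g. customer_id 0 on the order)
}
```

A site-level check for the same class of issue is to grep plugin code for `wp_set_auth_cookie` or `wp_set_current_user` reached from a request handler that is not the login form or a verified token flow.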
How can this vulnerability impact me?
This vulnerability allows an attacker to bypass authentication and gain unauthorized access to any user account on the affected WordPress site, including administrator accounts.
The attacker can take over accounts completely, which can lead to full site compromise.
Such access can result in unauthorized changes, data theft, deletion, or other malicious activities that severely impact the security and integrity of the website.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability allows unauthenticated attackers to take over any user account, including administrators, by bypassing authentication controls. This results in complete site compromise.
Such a compromise can lead to unauthorized access to personal and sensitive data, which may violate data protection regulations like GDPR and HIPAA that require strict access controls and protection of user data.
Therefore, this vulnerability poses a significant risk to compliance with standards that mandate secure authentication and data protection.