The Download Monitor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.7 via the executePayment() function due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to complete arbitrary pending orders by exploiting a mismatch between the PayPal transaction token and the local order, allowing theft of paid digital goods by paying a minimal amount for a low-cost item and using that payment token to finalize a high-value order.
The Download Monitor WordPress plugin versions up to 5.1.7 contain an Insecure Direct Object Reference vulnerability in the executePayment() function that allows unauthenticated attackers to complete arbitrary orders. Attackers can exploit mismatched PayPal tokens to steal high-value digital goods by paying minimal amounts.
The Download Monitor plugin for WordPress contains an Insecure Direct Object Reference (IDOR) vulnerability in the executePayment() function that allows unauthenticated attackers to complete arbitrary orders. Attackers can exploit mismatched PayPal tokens to steal high-value digital goods by paying minimal amounts.
Update the Download Monitor plugin to version 5.1.8 or later immediately. Implement server-side validation of PayPal transaction tokens against local order records. Disable the plugin if immediate patching is not possible. Review transaction logs for suspicious payment activity.
Update the Download Monitor plugin to version 5.1.8 or later immediately. Implement server-side validation of PayPal transaction tokens against local order records. Disable the plugin if immediate patching is not possible. Review transaction logs for suspicious activity.
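The following is an added illustrative model of the order/token mismatch described above and of the server-side binding the remediation calls for; it is not code from the Download Monitor plugin, and the Order and Capture types, the sample orders and the token strings are constructed for the example. The hardened variant only completes an order when the caller's token is the one stored on that order at checkout and the gateway's completed capture covers the order total in the same currency.

```python
import hmac
from dataclasses import dataclass


@dataclass
class Order:
    order_id: int
    amount_cents: int
    currency: str
    status: str = "pending"
    payment_token: str = ""  # gateway token bound to this order at checkout


@dataclass
class Capture:
    amount_cents: int
    currency: str
    completed: bool


def sample_state():
    """Constructed data: two pending orders, but only the cheap one was actually paid."""
    orders = {
        1: Order(1, 100, "USD", payment_token="EC-CHEAP"),    # $1.00 item
        2: Order(2, 49900, "USD", payment_token="EC-PRICEY"), # $499.00 item
    }
    captures = {"EC-CHEAP": Capture(100, "USD", True)}       # gateway's view, keyed by token
    return orders, captures


def execute_payment_vulnerable(orders, captures, order_id, token):
    """Flawed pattern: trusts the caller-supplied order id and only asks whether *some* capture for the token completed."""
    order = orders.get(order_id)
    cap = captures.get(token)
    if order is None or cap is None or not cap.completed:
        return False
    order.status = "complete"
    return True


def execute_payment_hardened(orders, captures, order_id, token):
    """Fixed pattern: the token must belong to this pending order and the capture must cover its total."""
    order = orders.get(order_id)
    if order is None or order.status != "pending":
        return False
    if not hmac.compare_digest(order.payment_token, token):  # token bound to the order, not to the caller
        return False
    cap = captures.get(token)
    if cap is None or not cap.completed:
        return False
    if cap.currency != order.currency or cap.amount_cents < order.amount_cents:
        return False
    order.status = "complete"
    return True
```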