CVE-2023-7293
📋 TL;DR
This vulnerability in the Paytium WordPress plugin allows authenticated attackers with subscriber-level access to verify the existence of a Mollie payment account. It affects WordPress sites using Paytium versions up to 4.3.7. The issue stems from missing capability checks in the check_mollie_account_details function.
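The pattern behind this advisory, as an added illustration that is not Paytium's own code: a `wp_ajax_*` handler is reachable by every logged-in user, including subscribers, so a handler with no authorization check answers anyone. The function names, option name and nonce action below are assumed for the example.

```php
<?php
// Illustrative reconstruction, NOT the plugin's actual code. Shows a
// WordPress admin-ajax handler for the action named in the advisory,
// first without any authorization check, then with the checks WordPress
// already provides. Option name and nonce action are assumptions.

// Vulnerable pattern (kept unhooked here, for contrast only): any
// authenticated user can trigger wp_ajax_* actions, so without a
// capability check a subscriber learns whether a Mollie account exists.
function ptm_check_account_vulnerable() {
    $configured = (bool) get_option('paytium_mollie_api_key'); // assumed option
    wp_send_json_success(array('account_exists' => $configured));
}

// Hardened pattern: verify the request's nonce (blocks CSRF) and require
// a capability only administrators hold before disclosing anything.
function ptm_check_account_hardened() {
    // Nonce must have been issued with wp_create_nonce('ptm_check_account')
    // and sent in the 'nonce' request field; check_ajax_referer dies on failure.
    check_ajax_referer('ptm_check_account', 'nonce');

    if (!current_user_can('manage_options')) {
        // wp_send_json_error terminates the request after sending the response.
        wp_send_json_error(array('message' => 'insufficient privileges'), 403);
    }

    $configured = (bool) get_option('paytium_mollie_api_key'); // assumed option
    wp_send_json_success(array('account_exists' => $configured));
}

// Only the hardened handler is registered for the AJAX action.
add_action('wp_ajax_check_mollie_account_details', 'ptm_check_account_hardened');
```

The fix in 4.3.8 is described by the page only as adding the missing capability check; the nonce verification shown here is the standard companion control, not something the page attributes to the patch.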
💻 Affected Systems
- Paytium: Mollie payment forms & donations plugin for WordPress
📦 What is this software?
Paytium by Paytium
⚠️ Risk & Real-World Impact
Worst Case
Attackers could confirm active Mollie accounts, potentially enabling targeted phishing or reconnaissance for further attacks against payment infrastructure.
Likely Case
Information disclosure allowing attackers to verify payment account existence, which could be used for social engineering or targeted attacks.
If Mitigated
Minimal impact if proper access controls and monitoring are in place, as this only reveals account existence, not sensitive data.
🎯 Exploit Status
Exploitation requires authenticated access with subscriber privileges. No public exploit code identified.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 4.3.8
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find the Paytium plugin.
4. Click 'Update Now' if available.
5. Alternatively, download version 4.3.8+ from the WordPress plugin repository and update manually.
🔧 Temporary Workarounds
Remove vulnerable plugin
Platform: Linux. Temporarily disable or remove the Paytium plugin until patched:
wp plugin deactivate paytium
wp plugin delete paytium
Restrict user roles
Platform: all. Limit subscriber-level access or implement additional access controls.
🧯 If You Can't Patch
- Implement network segmentation to isolate WordPress installation
- Enhance monitoring for suspicious API calls to check_mollie_account_details function
🔍 How to Verify
Check if Vulnerable:
In the WordPress admin panel, go to Plugins and check the Paytium version. If the version is 4.3.7 or lower, the site is vulnerable.
Check Version:
wp plugin get paytium --field=version
Verify Fix Applied:
Confirm that the Paytium plugin version shown in the WordPress admin panel is 4.3.8 or higher.
📡 Detection & Monitoring
Log Indicators:
- Unusual API calls to check_mollie_account_details from subscriber accounts
- Multiple failed authentication attempts followed by successful subscriber login
Network Indicators:
- HTTP POST requests to /wp-admin/admin-ajax.php with action=check_mollie_account_details
SIEM Query:
source="wordpress_logs" AND (uri_path="/wp-admin/admin-ajax.php" AND parameters.action="check_mollie_account_details")